Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-31067

The CSRs are not auto-approved on 4.16.0-ec.4

XMLWordPrintable

    • Moderate
    • No
    • Approved
    • False
    • Hide

      None

      Show
      None
    • N/A - fixed in same version as introduced issue
    • Release Note Not Required
    • In Progress

      Description of problem:

      After build02 is upgraded to 4.16.0-ec.4 from 4.16.0-ec.3, the CSRs are not auto-approved. As a result, provisioned machines cannot become nodes of the cluster.

      Version-Release number of selected component (if applicable):

      oc --context build02 get clusterversion version
NAME      VERSION       AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.16.0-ec.4   True        False         4h28m

      How reproducible:

      Steps to Reproduce:

          1.
    2.
    3.

      Actual results:

      Expected results:

      Additional info:

      mimccune@redhat.com feels the group "system:serviceaccounts" was missing in the CSR.
      https://redhat-internal.slack.com/archives/CBZHF4DHC/p1710875084740869?thread_ts=1710861842.471739&cid=CBZHF4DHC

      An inspection of the namespace openshift-cluster-machine-approver:
      https://redhat-internal.slack.com/archives/CBZHF4DHC/p1710863462860809?thread_ts=1710861842.471739&cid=CBZHF4DHC

       

      A workaround to approve the CSRs manually on b02:

      https://github.com/openshift/release/pull/50016

       

              jerzhang@redhat.com Yu Qi Zhang
              hongkliu Hongkai Liu
              Sergio Regidor de la Rosa Sergio Regidor de la Rosa
              Charles Doern
              Votes:
              0 Vote for this issue
              Watchers:
              14 Start watching this issue

                Created:
                Updated:
                Resolved: