Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Critical
Fix Version/s: 4.16.0
Affects Version/s: 4.16
Component/s: apiserver-auth
Labels:
None

Severity:
Critical
Regression:
No
Release Blocker:
Proposed
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Type:
Release Note Not Required
Release Note Status:
In Progress
Target Version:

4.16.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Since approximately 12 April, all FIPS CI is broken, with the authentication operator failing to come up.

The oauth-openshift containers are failing with the message:

Copying system trust bundle
FIPS mode is enabled, but the required OpenSSL backend is unavailable

This is due to https://github.com/openshift/oauth-server/commit/8a6f3a11a4b25e3e22152252720490b9f355ce53 changing the base image to RHEL 9 while leaving the builder image as RHEL 8. When the binary starts, it can not find the RHEL 8 OpenSSL it was linked against.

is caused by

OCPBUGS-24987 Update 4.16 oauth-server-container image to be consistent with ART

Closed

links to

openshift/oauth-server#145: OCPBUGS-32331: Updating oauth-server-container image to be consistent with ART for 4.16

RHEA-2024:0041 OpenShift Container Platform 4.16.z bug fix update

Assignee:: Zane Bitter

Reporter:: Zane Bitter

QA Contact:: Xingxing Xia

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2024/04/16 9:08 PM

Updated:: 2024/06/27 11:43 AM

Resolved:: 2024/06/27 11:43 AM