Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-32331

FIPS clusters cannot complete due to oauth-server

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Critical Critical
    • 4.16.0
    • 4.16
    • apiserver-auth
    • None
    • Critical
    • No
    • Proposed
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      Since approximately 12 April, all FIPS CI is broken, with the authentication operator failing to come up.

      Sippy

      The oauth-openshift containers are failing with the message:

      Copying system trust bundle
      FIPS mode is enabled, but the required OpenSSL backend is unavailable
      

      This is due to https://github.com/openshift/oauth-server/commit/8a6f3a11a4b25e3e22152252720490b9f355ce53 changing the base image to RHEL 9 while leaving the builder image as RHEL 8. When the binary starts, it can not find the RHEL 8 OpenSSL it was linked against.

            zabitter Zane Bitter
            zabitter Zane Bitter
            Xingxing Xia Xingxing Xia
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: