Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-3376

Backport aws-pod-identity-webhook: Fix serviceaccount regional sts annotation not taking effect unless flag is true

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Normal Normal
    • None
    • 4.13.z, 4.12.z, 4.14.z
    • Critical
    • None
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      Openshift 4.11 still relies on v0.1.0 of aws-pod-identity-webhook (used by openshift-cloud-credential-operator) which is already almost 3 years old and contains several issues that have been fixed in the meantime in the upstream AWS project (latest release 0.4.0): https://github.com/openshift/aws-pod-identity-webhook

       

      We understand that it is on downstream forked but we're interested in at least, an specific backport. The specific issue that customer is facing is  setting `eks.amazonaws.com/sts-regional-endpoints: "true"` on a SA whose NS is labelled with `pod-identity-webhook/mutate=true` does not work 
      See issue fixed in 0.3.0: https://github.com/aws/amazon-eks-pod-identity-webhook/pull/120). 

      Version-Release number of selected component (if applicable):

      - OpenShift Container Platform 4.11

      How reproducible:

      Explained in the pull request fix.

      Steps to Reproduce:

      Explained in the pull request fix.
      

      Actual results:

      - Setting eks.amazonaws.com/sts-regional-endpoints: "true"` on a SA whose NS is labelled with `pod-identity-webhook/mutate=true` does not work 

      Expected results:

      To backport issue fixed in 0.3.0: https://github.com/aws/amazon-eks-pod-identity-webhook/pull/120). 

      Additional info:

       

       

       

       

            rh-ee-mold Mark Old
            rhn-support-dahernan David Hernandez Fernandez
            Jianping Shu Jianping Shu
            Votes:
            3 Vote for this issue
            Watchers:
            13 Start watching this issue

              Created:
              Updated:
              Resolved: