Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: 4.15.z
Component/s: Cloud Credential Operator
Labels:
None

Severity:
Moderate
Regression:
No
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Backport Versions:

4.15.z, 4.16.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Description of problem:

When the cloud-credential-operator is used in manual mode, and awsSTSIAMRoleARN is not present in a credentialRequest (such as core operators), it continually attempts to reconcile. This started happening when we began filtering the secrets. Because the manually managed secrets do not have the proper annotation, cloud-credential-operator is no longer able to see them. As a result, when attempting to see if the credentialRequest needs to be updated (needsupdate), it always returns true due to no secret found.

Version-Release number of selected component (if applicable):

    4.15.3

How reproducible:

    Always present in AWS STS clusters

Steps to Reproduce:

    1.create an STS clsuter
    2.check the cco pod logs for repeating attempts
    3.

Actual results:

    CCO continually attempts to reconcile these CRs

Expected results:

    CCO should not be attempting to reconcile these CRs.

Additional info:

clones

OCPBUGS-33566 Cloud credential operator logs two errors per second when awsSTSIAMRoleARN is empty

Closed

is related to

OCPBUGS-36644 Cloud Credentials operator generating millions of messages per day in GCP clusters

Verified

OCPBUGS-42709 All GCP CredentialsRequest set to CredentialsProvisionFailure=True on GCP WIF cluster

Closed

Assignee:: Unassigned

Reporter:: Samantha Jayasinghe

QA Contact:: Jianping Shu

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/05/20 8:22 PM

Updated:: 2024/10/02 7:22 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates