Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-36172

Canonicalized pull secrets do not get updated when the original secret has changed

XMLWordPrintable

    • No
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      This is a clone of issue OCPBUGS-34079. The following is the description of the original issue:

      Description of problem:

      If a cluster admin creates a new MachineOSConfig that references a legacy pull secret, the canonicalized version of this secret that gets created is not updated whenever the original pull secret changes.

       

      How reproducible:

      Always

       

      Steps to Reproduce:

      1. Create a new legacy-style Docker pull secret in the MCO namespace. Specifically, one which follows the pattern of {"hostname.com": {"username": ""...}

        .

      2. Create a MachineOSConfig that references this legacy pull secret. The MachineOSConfig will get updated with a different secret name with the suffix -canonical.
      3. Change the original legacy-style Docker pull secret that was created to a different secret.

      Actual results:

      The canonicalized version of the pull secret is never updated with the contents of the legacy-style pull secret.

       

      Expected results:

      Ideally, the canonicalized version of the pull secret should be updated since BuildController created it.

       

      Additional info:

      This occurs because when the legacy pull secret is initially detected, BuildController canonicalizes it and then updates the MachineOSConfig with the name of the canonicalized secret. The next time this secret is referenced, the original secret does not get read.

              zzlotnik@redhat.com Zack Zlotnik
              openshift-crt-jira-prow OpenShift Prow Bot
              Sergio Regidor de la Rosa Sergio Regidor de la Rosa
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: