Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-39039

Azure Encryption at Host Should be Independently Togglable from DiskEncryptionSetID

XMLWordPrintable

    • Important
    • None
    • Hypershift Sprint 259
    • 1
    • Proposed
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      Description of problem:

          EncryptionAtHost and DiskEncryptionSets are two features which should not be tightly coupled.  They should be able to be enabled / disabled independently.  Currently EncryptionAtHost is only enabled if DiskEncryptionSetID is a valid disk encryption set resource ID.


https://github.com/openshift/hypershift/blob/0cc82f7b102dcdf6e5d057255be1bdb1593d1203/hypershift-operator/controllers/nodepool/azure.go#L81-L88

      Version-Release number of selected component (if applicable):

      How reproducible:

          Every time

      Steps to Reproduce:

          1.See comments

      Actual results:

         EncryptionAtHost is only set if DiskEncryptionSetID is set.

      Expected results:

          EncryptionAtHost and DiskEncryptionSetID should be independently settable.

      Additional info:

          https://redhat-external.slack.com/archives/C075PHEFZKQ/p1724772123804009

            rh-ee-brcox Bryan Cox
            bvesel@redhat.com Benjamin Vesel
            Feilian Xie Feilian Xie
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: