• Type: Bug
• Resolution: Done
• Priority: Major
• Fix Version/s: 4.18.0
• Affects Version/s: 4.17
• Component/s: HyperShift
• Labels:

  • jlp-release-4.17:OCPBUGS-41689
  • triaged

[OCPBUGS-39039] Azure Encryption at Host Should be Independently Togglable from DiskEncryptionSetID

Benjamin Vesel (Inactive) created issue - 2024/08/27 6:03 PM

Benjamin Vesel (Inactive) made changes - 2024/08/27 6:03 PM

QA Contact

New: Jie Zhao [ JIRAUSER162331 ]

Benjamin Vesel (Inactive) made changes - 2024/08/27 6:04 PM

Description

Original: Description of problem: {code:none}     EncryptionAtHost and DiskEncryptionSets are two features which are not mutually exclusive. They should be able to be enabled / disabled independently. Currently EncryptionAtHost is only enabled if DiskEncryptionSetID is a valid disk encryption set resource ID.{code} Version-Release number of selected component (if applicable): {code:none}     {code} How reproducible: {code:none}     Every time{code} Steps to Reproduce: {code:none}     1.     2.     3.     {code} Actual results: {code:none}     {code} Expected results: {code:none}     {code} Additional info: {code:none}     https://redhat-external.slack.com/archives/C075PHEFZKQ/p1724772123804009{code}

New: Description of problem: {code:none}     EncryptionAtHost and DiskEncryptionSets are two features which are not mutually exclusive. They should be able to be enabled / disabled independently. Currently EncryptionAtHost is only enabled if DiskEncryptionSetID is a valid disk encryption set resource ID. https://github.com/openshift/hypershift/blob/0cc82f7b102dcdf6e5d057255be1bdb1593d1203/hypershift-operator/controllers/nodepool/azure.go#L81-L88{code} Version-Release number of selected component (if applicable): {code:none}     {code} How reproducible: {code:none}     Every time{code} Steps to Reproduce: {code:none}     1.     2.     3.     {code} Actual results: {code:none}    EncryptionAtHost is only set if DiskEncryptionSetID is set. {code} Expected results: {code:none}     EncryptionAtHost and DiskEncryptionSetID should be independently settable. {code} Additional info: {code:none}     https://redhat-external.slack.com/archives/C075PHEFZKQ/p1724772123804009{code}

Benjamin Vesel (Inactive) made changes - 2024/08/27 6:16 PM

Description

Original: Description of problem: {code:none}     EncryptionAtHost and DiskEncryptionSets are two features which are not mutually exclusive. They should be able to be enabled / disabled independently. Currently EncryptionAtHost is only enabled if DiskEncryptionSetID is a valid disk encryption set resource ID. https://github.com/openshift/hypershift/blob/0cc82f7b102dcdf6e5d057255be1bdb1593d1203/hypershift-operator/controllers/nodepool/azure.go#L81-L88{code} Version-Release number of selected component (if applicable): {code:none}     {code} How reproducible: {code:none}     Every time{code} Steps to Reproduce: {code:none}     1.     2.     3.     {code} Actual results: {code:none}    EncryptionAtHost is only set if DiskEncryptionSetID is set. {code} Expected results: {code:none}     EncryptionAtHost and DiskEncryptionSetID should be independently settable. {code} Additional info: {code:none}     https://redhat-external.slack.com/archives/C075PHEFZKQ/p1724772123804009{code}

New: Description of problem: {code:none}     EncryptionAtHost and DiskEncryptionSets are two features which are not mutually exclusive. They should be able to be enabled / disabled independently. Currently EncryptionAtHost is only enabled if DiskEncryptionSetID is a valid disk encryption set resource ID. https://github.com/openshift/hypershift/blob/0cc82f7b102dcdf6e5d057255be1bdb1593d1203/hypershift-operator/controllers/nodepool/azure.go#L81-L88{code} Version-Release number of selected component (if applicable): {code:none}     {code} How reproducible: {code:none}     Every time{code} Steps to Reproduce: {code:none}     1.See comments {code} Actual results: {code:none}    EncryptionAtHost is only set if DiskEncryptionSetID is set. {code} Expected results: {code:none}     EncryptionAtHost and DiskEncryptionSetID should be independently settable. {code} Additional info: {code:none}     https://redhat-external.slack.com/archives/C075PHEFZKQ/p1724772123804009{code}

Benjamin Vesel (Inactive) made changes - 2024/08/27 8:49 PM

Link

New: This issue is related to HOSTEDCP-1328 [ HOSTEDCP-1328 ]

Patryk Stefanski made changes - 2024/09/02 2:18 PM

Priority

Original: Undefined [ 10300 ]

New: Major [ 3 ]

OpenShift Jira Bot made changes - 2024/09/02 2:18 PM

Release Blocker

New: Proposed [ 25756 ]

Patryk Stefanski made changes - 2024/09/02 2:18 PM

Labels

New: triaged

Patryk Stefanski made changes - 2024/09/02 2:18 PM

Target Version

New: 4.18.0 [ 12431397 ]

Patryk Stefanski made changes - 2024/09/02 2:18 PM

Target Backport Versions

New: 4.17.z [ 12428296 ]

Patryk Stefanski made changes - 2024/09/02 2:18 PM

Sprint

New: Hypershift Sprint 259 [ 63510 ]

Patryk Stefanski made changes - 2024/09/02 2:18 PM

Assignee

Original: Alberto Garcia Lamela [ agarcial@redhat.com ]

Antoni Segura Puimedon made changes - 2024/09/03 2:53 PM

Assignee

New: Bryan Cox [ rh-ee-brcox ]

Benjamin Vesel (Inactive) made changes - 2024/09/04 3:09 PM

Description

Original: Description of problem: {code:none}     EncryptionAtHost and DiskEncryptionSets are two features which are not mutually exclusive. They should be able to be enabled / disabled independently. Currently EncryptionAtHost is only enabled if DiskEncryptionSetID is a valid disk encryption set resource ID. https://github.com/openshift/hypershift/blob/0cc82f7b102dcdf6e5d057255be1bdb1593d1203/hypershift-operator/controllers/nodepool/azure.go#L81-L88{code} Version-Release number of selected component (if applicable): {code:none}     {code} How reproducible: {code:none}     Every time{code} Steps to Reproduce: {code:none}     1.See comments {code} Actual results: {code:none}    EncryptionAtHost is only set if DiskEncryptionSetID is set. {code} Expected results: {code:none}     EncryptionAtHost and DiskEncryptionSetID should be independently settable. {code} Additional info: {code:none}     https://redhat-external.slack.com/archives/C075PHEFZKQ/p1724772123804009{code}

New: Description of problem: {code:none}     EncryptionAtHost and DiskEncryptionSets are two features which should not be tightly coupled. They should be able to be enabled / disabled independently. Currently EncryptionAtHost is only enabled if DiskEncryptionSetID is a valid disk encryption set resource ID. https://github.com/openshift/hypershift/blob/0cc82f7b102dcdf6e5d057255be1bdb1593d1203/hypershift-operator/controllers/nodepool/azure.go#L81-L88{code} Version-Release number of selected component (if applicable): {code:none}     {code} How reproducible: {code:none}     Every time{code} Steps to Reproduce: {code:none}     1.See comments {code} Actual results: {code:none}    EncryptionAtHost is only set if DiskEncryptionSetID is set. {code} Expected results: {code:none}     EncryptionAtHost and DiskEncryptionSetID should be independently settable. {code} Additional info: {code:none}     https://redhat-external.slack.com/archives/C075PHEFZKQ/p1724772123804009{code}

OpenShift Prow Bot made changes - 2024/09/11 2:24 AM

Status

Original: New [ 10016 ]

New: POST [ 15726 ]

OpenShift Prow Bot made changes - 2024/09/11 2:24 AM

Remote Link

New: This issue links to "openshift/hypershift#4701: OCPBUGS-39039: Allow Encryption at Host to be Independently Toggled from DiskEncryptionSetID (Web Link)" [ 1754546 ]

Bryan Cox made changes - 2024/09/11 2:26 AM

Status

Original: POST [ 15726 ]

New: ASSIGNED [ 14452 ]

OpenShift Prow Bot made changes - 2024/09/11 2:27 AM

Link

New: This issue is cloned by OCPBUGS-41689 [ OCPBUGS-41689 ]

OpenShift Prow Bot made changes - 2024/09/11 2:27 AM

Link

New: This issue blocks OCPBUGS-41689 [ OCPBUGS-41689 ]

OpenShift Prow Bot made changes - 2024/09/11 2:27 AM

Labels

Original: triaged

New: jlp-release-4.17:OCPBUGS-41689 triaged

Feilian Xie (Inactive) made changes - 2024/09/11 11:58 AM

QA Contact

Original: Jie Zhao [ JIRAUSER162331 ]

New: Feilian Xie [ JIRAUSER198986 ]

Bryan Cox made changes - 2024/09/11 2:59 PM

Release Note Type

New: Release Note Not Required [ 31862 ]

OpenShift Jira Bot made changes - 2024/09/11 2:59 PM

Release Note Status

New: In Progress [ 30960 ]

OpenShift Prow Bot made changes - 2024/09/11 4:39 PM

Status

Original: ASSIGNED [ 14452 ]

New: MODIFIED [ 14454 ]

ART Bot made changes - 2024/09/11 5:04 PM

Status

Original: MODIFIED [ 14454 ]

New: ON_QA [ 15723 ]

Yu Li made changes - 2024/09/12 5:19 AM

Severity

New: Important [ 26751 ]

OpenShift Prow Bot made changes - 2024/09/12 11:36 AM

Remote Link

New: This issue links to "openshift/hypershift#4711: OCPBUGS-39039: Add EncryptionAtHost to create azure cluster CLI (Web Link)" [ 1756348 ]

Bryan Cox made changes - 2024/09/12 12:48 PM

Status

Original: ON_QA [ 15723 ]

New: ASSIGNED [ 14452 ]

OpenShift Prow Bot made changes - 2024/09/12 12:49 PM

Status

Original: ASSIGNED [ 14452 ]

New: POST [ 15726 ]

OpenShift Prow Bot made changes - 2024/09/13 5:17 AM

Status

Original: POST [ 15726 ]

New: MODIFIED [ 14454 ]

ART Bot made changes - 2024/09/13 7:33 AM

Status

Original: MODIFIED [ 14454 ]

New: ON_QA [ 15723 ]

Feilian Xie (Inactive) made changes - 2024/09/13 11:22 AM

Status

Original: ON_QA [ 15723 ]

New: Verified [ 10015 ]

Bryan Cox made changes - 2024/09/13 5:10 PM

Fix Version/s		New: 4.18.0 [ 12431397 ]
Resolution		New: Done [ 1 ]
Status	Original: Verified [ 10015 ]	New: Closed [ 6 ]

Ben Vesel made changes - 2025/04/04 2:24 PM

Link

New: This issue relates to XCMSTRAT-999 [ XCMSTRAT-999 ]