-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.17, 4.18
-
Moderate
-
None
-
NE Sprint 264, NE Sprint 265
-
2
-
Rejected
-
False
-
-
N/A
-
Release Note Not Required
-
In Progress
Description of problem:
The CEL for AWSNetworkLoadBalancerParameters that ensures Subnets and EIPs are equal, should be "feature gated" by both SetEIPForNLBIngressController and IngressControllerLBSubnetsAWS. Meaning, the CEL should only be present/executed if both feature gates are enabled.
At the time we released this feature, there wasn't a way to do "AND" for the FeatureGateAwareXValidation marker, but recently https://github.com/openshift/kubernetes-sigs-controller-tools/pull/21 has been merged which now supports that.
However, nothing is currently broken since both feature gates are now enabled by default, but if the IngressControllerLBSubnetsAWS feature gate was disabled for any reason, the IngressController CRD would become invalid and unable to install. You'd get an error message similar to:
ERROR: <input>:1:157: undefined field 'subnets'
Version-Release number of selected component (if applicable):
4.17 and 4.18
How reproducible:
100%?
Steps to Reproduce:
1. Disable IngressControllerLBSubnetsAWS feature gate
Actual results:
IngressController CRD is now broken
Expected results:
IngressController shouldn't be broken.
Additional info:
To be clear, this is not a bug with an active impact, but this is more of an inconsistency that could cause problems in the future.