Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-43840

OIDC IDP validation check should not be fatal to CPO reconcilation

XMLWordPrintable

    • Important
    • None
    • Hypershift Sprint 261
    • 1
    • False
    • Hide

      None

      Show
      None
    • Hide
      * Previously, an invalid or unreachable identity provider (IDP) blocked updates to {hcp}. With this release, the `ValidIDPConfiguration` condition in the `HostedCluster` object now reports any IDP errors so that these errors do not block updates to {hcp}. (link:https://issues.redhat.com/browse/OCPBUGS-43840[*OCPBUGS-43840*])
      Show
      * Previously, an invalid or unreachable identity provider (IDP) blocked updates to {hcp}. With this release, the `ValidIDPConfiguration` condition in the `HostedCluster` object now reports any IDP errors so that these errors do not block updates to {hcp}. (link: https://issues.redhat.com/browse/OCPBUGS-43840 [* OCPBUGS-43840 *])
    • Bug Fix
    • Done

      This is a clone of issue OCPBUGS-43746. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-38132. The following is the description of the original issue:

      The CPO reconciliation aborts when the OIDC/LDAP IDP validation check fails and this result in failure to reconcile for any components that are reconciled after that point in the code.

      This failure should not be fatal to the CPO reconcile and should likely be reported as a condition on the HC.

      xref

      Customer incident
      https://issues.redhat.com/browse/OCPBUGS-38071

      RFE for bypassing the check
      https://issues.redhat.com/browse/RFE-5638

      PR to proxy the IDP check through the data plane network
      https://github.com/openshift/hypershift/pull/4273

       

              sjenning Seth Jennings
              openshift-crt-jira-prow OpenShift Prow Bot
              Jie Zhao Jie Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: