Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: None
Affects Version/s: 4.19
Component/s: Cloud Compute / OpenStack Provider
Labels:
- QA-Triaged
- Triaged

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
None
Regression:
None

Target Backport Versions:
None
Target Version:
None
Release Blocker:
None
Sprint:
ShiftStack Sprint 267, ShiftStack Sprint 270, ShiftStack Sprint 271
sprint_count:
3

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Test Coverage:

+

Release Note Status:
In Progress
Release Note Type:
Bug Fix
Release Note Text:
CAPO deployed by cluster-capi-operator will now work correctly in deployments using self-signed certificates.

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

In TechPreviewNoUpgrade, CAPI Operator is deployed and takes care of deploying CAPO.

However, we have seen in CI that when the OpenStack endpoints use a self signed CA certificate, CAPO complains about TLS:

2025-02-12T21:20:57Z	ERROR	Reconciler error	{"controller": "clusteroperator", "controllerGroup": "config.openshift.io", "controllerKind": "ClusterOperator", "ClusterOperator": {"name":"cluster-api"}, "namespace": "", "name": "cluster-api", "reconcileID": "119878d6-e7b6-40d0-8f0d-2b88ace46cde", "error": "creating OpenStack provider scope: providerClient authentication err: Get \"https://38.102.83.27:13000/\": tls: failed to verify certificate: x509: certificate signed by unknown authority"}

https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/test-platform-results/pr-logs/pull/openshift_release/61578/rehearse-61578-pull-ci-openshift-cluster-api-provider-openstack-main-e2e-techpreview/1889755715736702976/artifacts/e2e-techpreview/gather-extra/artifacts/pods/openshift-cluster-api_capo-infracluster-controller-6cd94f99-7g9x9_manager.log

depends on

OSASINFRA-3657 Sync CA bundle from root credential to generated credentials

Closed

Assignee:: Stephen Finucane

Reporter:: Emilien Macchi

Need Info From:: None

Contributors:: None

QA Contact:: Ramón Lobillo

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2025/02/13 12:22 AM

Updated:: 2025/07/16 1:16 PM

Resolved:: 2025/05/19 2:43 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide