Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-56457

Validate OCP API Server info only if reconciling KPI

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 4.20.0
    • 4.18, 4.19, 4.20
    • HyperShift
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • Critical
    • Yes
    • Rejected
    • None
    • Done
    • Bug Fix
    • Hide
      Before this update, the HyperShift Operator validated the Kubernetes API Server subject alternative names (SANs) in all cases. As a consequence, users sometimes experienced invalid API Server SANs during public key infrastructure (PKI) reconciliation. With this release, the Kubernetes API Server SANs are validated only if PKI reconciliation is not disabled.
      Show
      Before this update, the HyperShift Operator validated the Kubernetes API Server subject alternative names (SANs) in all cases. As a consequence, users sometimes experienced invalid API Server SANs during public key infrastructure (PKI) reconciliation. With this release, the Kubernetes API Server SANs are validated only if PKI reconciliation is not disabled.
    • None
    • None
    • None
    • None

      Description of problem:

          The validation of the OCP API Server SANs https://github.com/openshift/hypershift/blob/13e0d5f146e2dbe41a9c8881ea3aef15062e9bf7/hypershift-operator/controllers/hostedcluster/validations/ocpapiserver.go#L26c should only be done when Hypershift is managing the PKI reconciliation. 

The validation was introduced in: https://github.com/openshift/hypershift/pull/6091

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:

          1.
    2.
    3.

      Actual results:

      Expected results:

      Additional info:

              rcradick Ryan Cradick
              rcradick Ryan Cradick
              None
              None
              Ke Wang Ke Wang
              None
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: