Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-56614

Unable to remove legacy pullsecret tokens after removing registry

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • Done
    • Bug Fix
    • On a cluster upgraded from pre-4.16, if the internal Image Registry is removed, there might be previously generated image pull secrets that cannot be deleted due to the presence of the `openshift.io/legacy-token` finalizer.    
    • None
    • None
    • None
    • None

      This is a clone of issue OCPBUGS-52193. The following is the description of the original issue:

      Description of problem:

      Our docs state: `When the integrated OpenShift image registry is disabled on a cluster that previously had it enabled, the previously generated image pull secrets are deleted automatically.`
      
      However when the image regstiry is set to removed the `openshift.io/serviceaccount-pull-secrets` controller is disabled and the finalizers are stuck on all legacy pullsecrets.    

      Version-Release number of selected component (if applicable):

          

      How reproducible:

          

      Steps to Reproduce:

          1. upgrade to 4.16
          2. set registry operator to removed
          3. attempt to delete any dockercfg secret with `openshift.io/legacy-token` finalizer.      

      Actual results:

          hung secret deletion

      Expected results:

          secret should have been cleaned up during registry deletion. / the secret finalizers should not block namespace deletion when the registry is disabled. 

      Additional info:

          

              rmarasch@redhat.com Ricardo Maraschini
              openshift-crt-jira-prow OpenShift Prow Bot
              None
              None
              Wen Wang Wen Wang
              None
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: