Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: 4.20
Component/s: HyperShift
Labels:
- issue-for-agent
- triaged

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
None
Regression:
None

Target Backport Versions:
None
Target Version:

4.21.0
Release Blocker:
None
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:
Context:

additionaTrustBundle cert not removed from user-ca-bundle on the guest cluster when additionalTrustBundle field removed from the HostedCluster spec

Acceptance criteria:

The reconciliation logic ensures the user-ca-bundle is deleted in the guest cluster when the additionalTrustBundle is deleted.
There's a unit test to cover this
This is validated as part of the additionalTrustBundle e2e

Version-Release number of selected component (if applicable):

How reproducible:

  every time

Steps to Reproduce:

    1. Bring up a cluster with additionalTrustBundle
    2. Remove additionalTrustBundle field from the HostedCluster spec
    3. Check user-ca-bundle on the guest cluster

Actual results:

Expected results:

Additional info:

    This issue found during testing https://issues.redhat.com/browse/OCPBUGS-57336

links to

openshift/hypershift#6900: OCPBUGS-60707: Fix user-ca-bundle cleanup when additionalTrustBundle is removed

Assignee:: Cesar Wong

Reporter:: Jie Zhao

Need Info From:: None

Contributors:: None

QA Contact:: Jie Zhao

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2025/08/20 8:29 PM

Updated:: 2025/09/29 8:00 AM