-
Bug
-
Resolution: Unresolved
-
Normal
-
4.20, 4.21
-
None
Description of problem:
If the disable-pki-reconciliation annotation is present, the ignition-server-serving-cert and ignition-server-ca-cert secrets are deleted during ignition-server reconciliation. This prevents ignition-server pods from starting up completely.
Version-Release number of selected component (if applicable):
4.20, 4.21
How reproducible:
Always
Steps to Reproduce:
1. Create 4.20 HostedCluster with user-supplied ignition-server-serving-cert and ignition-server-ca-cert secrets, as well as the disable-pki-reconciliation annotation
Actual results:
control-plane-operator deletes the user-supplied secrets, ignition-servers won't start up completely
Expected results:
User-supplied secrets are preserved, ignition-server pods start up completely
Additional info:
- blocks
-
OCPBUGS-62006 Ignition Server certificate secrets deleted if disable-pki-reconciliation annotation is present
-
- Verified
-
- is cloned by
-
OCPBUGS-62006 Ignition Server certificate secrets deleted if disable-pki-reconciliation annotation is present
-
- Verified
-
- links to