OpenShift Bugs / OCPBUGS-62422

[library-go] Static Pod Pruner deletes certificates when cluster name contains ".tmp"


    • Bug
    • Resolution: Unresolved
    • Normal
    • 4.16, 4.17, 4.18, 4.19, 4.20, 4.21
    • kube-apiserver
    • Quality / Stability / Reliability
    • Moderate

      Description of problem:

      When installing a cluster that contains the substring ".tmp" in the domain name, the static pod pruner will delete all certificates on all control plane nodes.

      Version-Release number of selected component (if applicable):

      any version containing https://github.com/openshift/library-go/pull/1103
      
      cluster-etcd-operator has it all the way back to 4.8:
      https://github.com/openshift/cluster-etcd-operator/blob/release-4.8/vendor/github.com/openshift/library-go/pkg/operator/staticpod/prune/cmd.go#L138-L142
      
      

      How reproducible:

      always    

      Steps to Reproduce:

          1. Create a cluster with a subdomain that contains .tmp, e.g. test.tmpgcp.devcluster.openshift.com
          2. Wait for installation and potentially force a few static pod rollouts on etcd/apiserver by changing the log level
          

      Actual results:

      the cluster annihilates itself by deleting all certificates in the kubernetes manifest dir for all static pods

      Expected results:

      the cluster installs fine and continues to run stable    

      Additional info:

      I already wrote a regression test for it here that showcases it being a problem:
      https://github.com/openshift/library-go/pull/2025/files
      
      

       

              Unassigned
              Thomas Jungblut (tjungblu@redhat.com)
              Ke Wang
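An illustration of the failure class this report describes, added here and not taken from library-go or the linked pull requests. It assumes the cleanup logic picks what to delete with a substring test for `.tmp` and compares that with a test that accepts `.tmp` only as the final extension; the predicates, the `survivors` helper and the file names are hypothetical and constructed.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Hypothetical "is this a leftover temp file?" checks; not library-go code.
func looseIsTemp(name string) bool  { return strings.Contains(name, ".tmp") }  // substring
func strictIsTemp(name string) bool { return strings.HasSuffix(name, ".tmp") } // extension only

// Constructed names: one real temp file, two certs named after a node in the reported domain.
const host = "master-0.test.tmpgcp.devcluster.openshift.com"
var fixture = []string{"pod.yaml.tmp", "serving-" + host + ".crt", "serving-" + host + ".key"}

// survivors writes fixture to a scratch dir, deletes what isTemp selects, returns what is left.
func survivors(isTemp func(string) bool) ([]string, error) {
	dir, err := os.MkdirTemp("", "prune-demo")
	if err != nil {
		return nil, err
	}
	defer os.RemoveAll(dir)
	for _, n := range fixture {
		if err := os.WriteFile(filepath.Join(dir, n), []byte("constructed"), 0o600); err != nil {
			return nil, err
		}
	}
	entries, err := os.ReadDir(dir)
	if err != nil {
		return nil, err
	}
	var kept []string
	for _, e := range entries {
		if !isTemp(e.Name()) {
			kept = append(kept, e.Name())
		} else if err := os.RemoveAll(filepath.Join(dir, e.Name())); err != nil {
			return nil, err
		}
	}
	return kept, nil
}

func main() {
	loose, _ := survivors(looseIsTemp)
	strict, _ := survivors(strictIsTemp)
	fmt.Println("substring check keeps:", loose, "| suffix check keeps:", strict)
}
```

With the substring check nothing survives, because `.tmpgcp` in the host name matches; with the suffix check only `pod.yaml.tmp` is removed.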