Bug 1774156

Summary: [4.2.z] Finish Automate rotation of Service CA
Product: OpenShift Container Platform Reporter: Eric Rich <erich>
Component: apiserver-authAssignee: Maru Newby <mnewby>
Status: CLOSED ERRATA QA Contact: scheng
Severity: high Docs Contact:
Priority: unspecified    
Version: 4.3.0CC: aos-bugs, erich, mfojtik, mnewby, nagrawal, scheng, scuppett, sttts
Target Milestone: ---   
Target Release: 4.2.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1774121 Environment:
Last Closed: 2020-03-10 11:41:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1774121, 1788179    
Bug Blocks:    

Description Eric Rich 2019-11-19 17:35:10 UTC 
+++ This bug was initially created as a clone of Bug #1774121 +++

> Details of feature and work involved is captured here: https://jira.coreos.com/browse/PROD-970

We should be backporting this capability to 4.2.z to keep customers on this version from seeing an issue with Service CA's
Comment 1 Maru Newby 2020-02-10 19:34:59 UTC 
Why does this bz need to depend on the 1788179? I would have thought that the 4.2 backport should only depend on the 4.4 bz, not the 4.3 bz.
Comment 2 Eric Rich 2020-02-17 14:08:45 UTC 
(In reply to Maru Newby from comment #1)
> Why does this bz need to depend on the 1788179? I would have thought that
> the 4.2 backport should only depend on the 4.4 bz, not the 4.3 bz.
Comment 3 Eric Rich 2020-02-17 14:21:56 UTC 
(In reply to Eric Rich from comment #2)
> (In reply to Maru Newby from comment #1)
> > Why does this bz need to depend on the 1788179? I would have thought that
> > the 4.2 backport should only depend on the 4.4 bz, not the 4.3 bz.

I belive I have fixed this.
Comment 4 Maru Newby 2020-02-17 17:06:27 UTC 
(In reply to Eric Rich from comment #3)

My apologies for my ignorance, I've since learned that the process does require the dependency in question. Something about merging and validating against each previous release in turn to minimize the potential for breaking previous releases.
Comment 10 errata-xmlrpc 2020-03-10 11:41:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0685