Bug 1893351

Summary: TLS secrets are not able to edit on console.
Product: OpenShift Container Platform Reporter: V S Krishna <kvatteka>
Component: Management ConsoleAssignee: Jakub Hadvig <jhadvig>
Status: CLOSED ERRATA QA Contact: Yadan Pei <yapei>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.5CC: aos-bugs, jokerman, yapei
Target Milestone: ---   
Target Release: 4.7.0   
Hardware: All   
OS: All   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: Wrong Secret type determination upon the saving. Consequence: TLS secrets are not able to edit in the console. Fix: Use the secret's 'type' field when updating Secret. Result: TLS secrets are able to be updated.
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-24 15:29:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1896149    

Description V S Krishna 2020-10-30 19:34:13 UTC
Description of problem:

Not possible to edit TLS type secret from the console.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.Create a "TLS"(kubernetes.io/tls) secret:
$ oc create secret tls <secret-n --cert=path/to/tls.cert --key=path/to/tls.key
2.Go to the console,login and navigate to the projecet where the secret is created and try to edit the secret contents.

Actual results:
Unable to modify the secret as while clicking on "Save" option throws":
Error "Invalid value: "Opaque": field is immutable" for field "type"

Expected results:
Secret should be able to edit and modify.

Additional info:

Comment 2 Yadan Pei 2020-11-10 06:50:09 UTC
1. Create a Key/Value secret from console, Add tls.crt and tls.key as secret key, save the changes and the secret type will be set to kubernetes.io/tls
2. Goes to secret details page and Actions -> Edit Secret, Add Key/Value and Save the changes, kubernetes.io/tls type secret can be edited

Verified on 4.7.0-0.nightly-2020-11-09-235738

Comment 4 Yadan Pei 2020-11-20 02:50:35 UTC
We have back ported to 4.6.z and I see no issues back port to 4.5.z from QE's point of view. Let me confirm with Devs

Comment 6 Yadan Pei 2020-12-03 03:37:38 UTC
bug 1900443 is opened to track the backport to 4.5.z

Comment 9 errata-xmlrpc 2021-02-24 15:29:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.