Bug 1981634
Summary: | enhance service-ca injection | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | OpenShift BugZilla Robot <openshift-bugzilla-robot> |
Component: | service-ca | Assignee: | David Eads <deads> |
Status: | CLOSED ERRATA | QA Contact: | liyao |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.9 | CC: | aos-bugs, liyao, mfojtik, surbania, xxia |
Target Milestone: | --- | ||
Target Release: | 4.7.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-07-26 17:35:23 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1981633 | ||
Bug Blocks: |
Description
OpenShift BugZilla Robot
2021-07-13 03:17:08 UTC
Tested in 4.7.0-0.nightly-2021-07-13-223143 fresh env $ oc get kubecontrollermanager cluster -o yaml | grep -i secure # no output, this means secure mode is NOT used by default. $ oc new-project testproj $ oc get cm openshift-service-ca.crt -o yaml # annotation service.alpha.openshift.io/inject-vulnerable-legacy-cabundle: "true" is seen, and multiple certs in service-ca.crt field, this is as expected (In reply to liyao from comment #3) > Tested in 4.7.0-0.nightly-2021-07-13-223143 fresh env > $ oc get kubecontrollermanager cluster -o yaml | grep -i secure > # no output, this means secure mode is NOT used by default. FYI, need not test this. See the 4.7 PRs, 4.7 does not add this field, only 4.8+ add. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.7.21 bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:2762 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days |