Bug 2218492

Summary: Pass-through CA certificates to Velero not working
Product: [Red Hat Storage] Red Hat OpenShift Data Foundation Reporter: pallavi <pallavi.joshi>
Component: odf-drAssignee: Shyamsundar <srangana>
odf-dr sub component: ramen QA Contact: krishnaram Karthick <kramdoss>
Status: CLOSED ERRATA Docs Contact:
Severity: urgent    
Priority: unspecified CC: bhatfiel, muagarwa, odf-bz-bot, srangana
Version: 4.13   
Target Milestone: ---   
Target Release: ODF 4.14.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-11-08 18:52:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2218316, 2219395    
Bug Blocks:    

Description pallavi 2023-06-29 10:59:38 UTC 
Description of problem (please be detailed as possible and provide log
snippests):
Pass-through CA certificates to Velero not working leading to issues in communication of velero and https based S3 store while using ShioRamen functionality of Ramen product.


Version of all relevant components (if applicable): 4.13


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)? yes


Is there any workaround available to the best of your knowledge?


Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?  1 


Can this issue reproducible? yes


Can this issue reproduce from the UI? yes


If this is a regression, please provide more details to justify this:



Steps to reproduce
1. Configured CA Certificates in DataProtectionApplication Instance of OADP operator
2. Configured CA Certificates in ramen-dr-config-map
3. Given CA certificates not preserved in BSL instance.


Actual results: CA certificates should be preserved in BSL instances


Expected results:  CA certificates not getting preserved in BSL instances


Additional info:
Comment 3 bhatfiel 2023-06-29 12:37:59 UTC 
Prior to this BZ filing, an upstream tracker indicated the CA certificates pass-through patch was "working as expected".
https://github.com/RamenDR/ramen/issues/940#issuecomment-1611093647

Does a problem still exist?  Or is this BZ a request to merge the upstream patch downstream?
Comment 4 Shyamsundar 2023-06-29 13:00:13 UTC 
Raised a BZ yesterday to backport the required caCert changes to 4.13.z release here bz #2218316
Comment 5 pallavi 2023-06-29 13:21:48 UTC 
Problem does not exist now. Reported bug here in order to merge it in downstream branch
Comment 6 Shyamsundar 2023-08-01 01:44:45 UTC 
Part of release-4.14 code base: commit ID 512700598f133f28b7e8bbeae78e6825812d7856

Was brought in as part of rebase to main and creating the 4.14 branch.
Comment 10 pallavi 2023-08-25 12:26:05 UTC 
Tested this fix and it seems to be working fine.
Comment 11 krishnaram Karthick 2023-09-20 04:54:00 UTC 
Moving the bug to verified based on the above comment.
Comment 16 errata-xmlrpc 2023-11-08 18:52:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat OpenShift Data Foundation 4.14.0 security, enhancement & bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:6832