Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1508388

Summary: [3.7] Router certificate didn't get updated after running redeploy-router-certificates.yml
Product: OpenShift Container Platform Reporter: Gaoyun Pei <gpei>
Component: InstallerAssignee: Scott Dodson <sdodson>
Status: CLOSED DEFERRED QA Contact: Gaoyun Pei <gpei>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.7.0CC: aos-bugs, beiming.wang, jokerman, mmccomas
Target Milestone: ---   
Target Release: 3.7.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1543256 (view as bug list) Environment:
Last Closed: 2018-11-15 21:31:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1543256    

Description Gaoyun Pei 2017-11-01 11:12:18 UTC 
Description of problem:
After running redeploy-router-certificates.yml playbook, router certificates used in router-certs secret was not updated.

Version-Release number of the following components:
openshift-ansible-3.7.0-0.189.0.git.0.d497c5e.el7.noarch

How reproducible:
Always

Steps to Reproduce:
1. Check router-certs secret on an ocp-3.7 cluster
[root@ip-172-18-11-75 ~]# oc get secret router-certs -o yaml
apiVersion: v1
data:
  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0
...
GSUNBVEUtLS0tLQo=
  tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVk
...
tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
kind: Secret
metadata:
  creationTimestamp: 2017-11-01T08:58:33Z
  name: router-certs
  namespace: default
  resourceVersion: "2242"
  selfLink: /api/v1/namespaces/default/secrets/router-certs
  uid: d6b69c74-bee2-11e7-b7a8-0e6254915fa6
type: kubernetes.io/tls


2. Run redeploy-router-certificates.yml playbook
ansible-playbook -i host /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/redeploy-router-certificates.yml

3. Check the router-certs secret again, it's still the same as before


Actual results:
Ansible output with '-v' attached

Expected results:

Additional info:
Comment 2 Russell Teague 2018-11-15 21:31:56 UTC 
There are no active cases related to this bug. As such we're closing this bug in order to focus on bugs that are still tied to active customer cases. Please re-open this bug if this bug becomes relevant to an open customer case.