waiting for 4.1 branch to open up
PR https://github.com/openshift/jenkins/pull/856 is up for 4.1 ... will merge when release opens up post GA
@XiuJuan Yeah this problem does not arise with an "out of the box" configuration using the 4.x installer against AWS. Some additional configuration around the certs used by the jenkins SA (more or less an api server cert in practice) and the cert used for the router that handles the openshift oauth server is needed to render the jenkins SA cert incompatible with the openshift oauth server router cert. You'll need to talk to Justin Pierce and/or Mo Khan for the specific step (both are on on CC: in this bug) if you want to go down that path. Raise a needinfo against one of them as needed.
It would be great to have this in the next patch release. Default for the Jenkins templates is to enable OAUTH. And this breaks OAUTH. At least on our cluster with Let's Encrypt Certs.
Putting this under consideration for 4.1.3, since this issue impacts starter clusters.
*** Bug 1721760 has been marked as a duplicate of this bug. ***
PR https://github.com/openshift/jenkins/pull/856 has merged and Opened https://jira.coreos.com/browse/ART-681 to get jenkins plugin rpm updated ... combination of 4 recent plugin updates for 4.1
osbs brew distgit http://pkgs.devel.redhat.com/cgit/rpms/jenkins-2-plugins/commit/?h=rhaos-4.1-rhel-7&id=495d2aabfadfe7c6ecdd16dd151ed741b76052d1
The default installed openshift-login is still 1.0.16, wait for new nightly build comes out. Checked the lastest nightly build 4.1.0-0.nightly-2019-06-20-015058
Can't reproduce this bug with the signed certificate configured cluster. openshift-login: 1.0.19 Test with jenkins quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:8043331ad4bfe03e84bf0c691267fbf0331ed9eb807f2dfdbbb683a373c75114
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:1635