Description of problem: TLS keys and certificates not added to image registry routes. Version-Release number of selected component (if applicable): v4.1.0 How reproducible: Always Steps to Reproduce: 1. Create a TLS keypair via openssl 2. Using the keypair, create a TLS secret in the image-registry namespace: ``` $ oc create secret tls my-tls -n image-registry --cert my-tls.crt --key my-tls.key1 ``` 3. Instruct the registry operator to create a route with the provided tls secret ``` $ oc edit config.imageregistry.operator.openshift/io/cluster ... spec: routes: - name: registry-url hostname: registry.apps.mycluster.myorg.net secretName: my-tls ``` Actual results: Route `registry-url` is created without TLS certificates added. Expected results: Route `registry-url` should have the TLS key and certificate defined. Additional info:
https://github.com/openshift/cluster-image-registry-operator/pull/299
Verified on 4.2.0-0.nightly-2019-06-25-222454 with below steps: 1. $openssl req -nodes -newkey rsa:2048 -keyout myregistry.key -out myregistry.crt -x509 2. $ oc create secret tls my-tls -n openshift-image-registry --cert myregistry.crt --key myregistry.key 3. $ oc edit config.imageregistry.operator.openshift.io/cluster spec: routes: - name: myregistry hostname: wzheng-route-openshift-image-registry.apps.qe-wewang-42.qe.devcluster.openshift.com secretName: my-tls 4. TLS can be seen as below: spec: host: wzheng-route-openshift-image-registry.apps.qe-wewang-42.qe.devcluster.openshift.com subdomain: "" tls: certificate: | -----BEGIN CERTIFICATE----- xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -----END CERTIFICATE----- key: | -----BEGIN PRIVATE KEY----- -----END PRIVATE KEY----- termination: reencrypt
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2922