1727282 – ca.crt is not set properly when creating identity providers in the web console

Bug 1727282 - ca.crt is not set properly when creating identity providers in the web console

Summary: ca.crt is not set properly when creating identity providers in the web console

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Management Console
Sub Component:
Version:	4.1.z
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	4.2.0
Assignee:	Samuel Padgett
QA Contact:	Yadan Pei
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1726056 (view as bug list)
Depends On:
Blocks:	1727308
TreeView+	depends on / blocked

Reported:	2019-07-05 11:15 UTC by Sergio G.
Modified:	2020-08-25 01:02 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Previously, the ca.crt value for OpenID identity providers was not set properly when created through the web console. The problem has been fixed, and the ca.crt is now correctly set.
Clone Of:
Clones:	1727308 (view as bug list)
Environment:
Last Closed:	2019-10-16 06:33:09 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift console pull 1931	0	None	closed	Bug 1727282: Correctly set config map contents for IDP CA certificates	2020-08-25 00:33:38 UTC
Red Hat Product Errata	RHBA-2019:2922	0	None	None	None	2019-10-16 06:33:19 UTC

Description Sergio G. 2019-07-05 11:15:43 UTC

Description of problem:
When using the management console to add and OpenID IdentityProvider the secret with the CA is created empty.


Version-Release number of selected component (if applicable):
4.1


How reproducible:
Always


Steps to Reproduce:
1. Add an OpenID provider using the management console with a file uploaded as CA using the form
2. Check the oauth CRD
$ oc get -o yaml oauth cluster | grep "name: openid-ca-"
        name: openid-ca-87tsz
2. Check the configmap
$ oc get configmap -n openshift-config openid-ca-87tsz
NAME              DATA   AGE
openid-ca-87tsz   0      15s


Actual results:
The configmap is empty.


Expected results:
The configmap should contain the content of the uploaded file


Additional info:

Comment 1 Samuel Padgett 2019-07-05 16:23:09 UTC

*** Bug 1726056 has been marked as a duplicate of this bug. ***

Comment 2 Samuel Padgett 2019-07-06 11:47:52 UTC

https://github.com/openshift/console/pull/1931

Comment 4 XiaochuanWang 2019-07-08 08:25:55 UTC

This is fixed on registry.svc.ci.openshift.org/ocp/4.2-2019-07-08-052647@sha256:432a7353f9133eff713844c7a6f2e50e793b2b0cdddc76bd09e9106985c20270

After OAuth created by console (step1 was elaborated from bug #1726056), generated configmap does has data content with the key "ca.crt"
This bug could be marked as Verified.

Comment 6 Alex Crawford 2019-07-08 23:10:28 UTC

XiaochuanWang, can you move this back into VERIFIED?

Comment 7 errata-xmlrpc 2019-10-16 06:33:09 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2922

Note You need to log in before you can comment on or make changes to this bug.