Hide Forgot
Description of problem: When IdentityProvider for OpenID login is configured in the inventory with the key/value pair "'ca': ''", and run the openshift-master/config.yml playbook, in the master-config.yml appears a line defining the key "ca" with a filename /etc/origin/master/<providername>_openid_ca.crt. The configuration with the playbook runs without errors. But the login with this IdentityProvider is not possible. After a "restart_master api/controllers" on every master, the startup doesn't work. There is an error in the "master-logs api api" saying "file not found /etc/origin/master/<providername>_openid_ca.crt". Inventory: openshift_master_identity_providers=[{"name": "OpenID", "login": "true", "challenge": "true", "mappingMethod": "add", "kind": "OpenIDIdentityProvider", "ca": "", ... }] Master-config gets configured as: - name: OpenID provider: apiVersion: v1 ca: /etc/origin/master/<providername>_openid_ca.crt But it should be configured as: - name: OpenID provider: apiVersion: v1 ca: '' If define "openshift_master_openid_ca_file" variable with an empty value in the inventory, then there is an error while running the master/config.yml saying "File lookup error" This issue is very similar to BZ 1627764, but that issue was fixed just for LDAP identity provider. Version-Release number of the following components: 3.11.98 How reproducible: Configure inventory with OpenIDIdentityProvider and empty ca and run master/config.yml Steps to Reproduce: 1. Configure inventory with OpenIDIdentityProvider with an empty ca openshift_master_identity_providers=[{"name": "OpenID", "login": "true", "challenge": "true", "mappingMethod": "add", "kind": "OpenIDIdentityProvider", "ca": "", ... }] 2. Run master/config.yml Actual results: master-config.yml: - name: OpenID provider: apiVersion: v1 ca: /etc/origin/master/<providername>_openid_ca.crt Expected results: master-config.yml: - name: OpenID provider: apiVersion: v1 ca: ''