Description of problem:
In 4.3, we made the cluster-authentication-operator redeploy oauth-server pods when the kubeadmin user gets disabled in order to be able to advertise the token endpoint in case only login flows are available. This redeploy does not take place immediately though, as it should.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. $ watch oc pods -n openshift-authentication
2. $ oc delete secret -n kube-system kubeadmin
Pods are not redeployed immediately, it can take several minutes for the operator to notice
Pods get redeployed immediately once the secret is deleted
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.