Bug 1833122 - kube-sceduler-operator targetconfig controller uses legacy router configmap
Summary: kube-sceduler-operator targetconfig controller uses legacy router configmap
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: kube-scheduler
Version: 4.5
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.4.z
Assignee: Maciej Szulik
QA Contact: RamaKasturi
: 1833120 (view as bug list)
Depends On: 1830406
Blocks: 1833120
TreeView+ depends on / blocked
Reported: 2020-05-07 20:27 UTC by Daneyon Hansen
Modified: 2020-06-23 00:57 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of: 1830406
Last Closed: 2020-06-23 00:57:24 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift cluster-kube-scheduler-operator pull 247 0 None closed [release-4.4] Bug 1833122: Have targetconfig controller use cm/default-ingress-cert 2020-07-23 15:47:54 UTC
Red Hat Product Errata RHBA-2020:2580 0 None None None 2020-06-23 00:57:39 UTC

Comment 1 Maciej Szulik 2020-05-11 10:12:48 UTC
*** Bug 1833120 has been marked as a duplicate of this bug. ***

Comment 2 Maciej Szulik 2020-05-20 08:25:42 UTC
PRs in the queue.

Comment 5 RamaKasturi 2020-06-15 16:41:28 UTC
Verified with the payload below and did not find any references to router-ca in audit logs for 4.4 cluster.

[ramakasturinarra@dhcp35-60 ~]$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.4.0-0.nightly-2020-06-14-142924   True        False         5h44m   Cluster version is 4.4.0-0.nightly-2020-06-14-142924

Below are the steps followed to verify the bug:
1) Install 4.4 cluster with latest build
2) oc project "openshift-kube-apiserver"
3) oc cp <kube-apiserver-pod-name>:/var/log/kube-apiserver/audit.log /tmp/oc44.log
4) cat /tmp/oc45.log | grep "router-ca"
[ramakasturinarra@dhcp35-60 cucushift]$ cat /tmp/oc44.log | grep "router-ca"
[ramakasturinarra@dhcp35-60 cucushift]$ 
[ramakasturinarra@dhcp35-60 cucushift]$ cat /tmp/oc44.log | grep "default-ingress-cert" | wc -l
Based on the above  moving the bug to verified state.

Comment 7 errata-xmlrpc 2020-06-23 00:57:24 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.