1833122 – kube-sceduler-operator targetconfig controller uses legacy router configmap

Bug 1833122 - kube-sceduler-operator targetconfig controller uses legacy router configmap

Summary: kube-sceduler-operator targetconfig controller uses legacy router configmap

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	kube-scheduler
Sub Component:
Version:	4.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	4.4.z
Assignee:	Maciej Szulik
QA Contact:	RamaKasturi
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1833120 (view as bug list)
Depends On:	1830406
Blocks:	1833120
TreeView+	depends on / blocked

Reported:	2020-05-07 20:27 UTC by Daneyon Hansen
Modified:	2020-06-23 00:57 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:	1830406
Environment:
Last Closed:	2020-06-23 00:57:24 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift cluster-kube-scheduler-operator pull 247	0	None	closed	[release-4.4] Bug 1833122: Have targetconfig controller use cm/default-ingress-cert	2020-07-23 15:47:54 UTC
Red Hat Product Errata	RHBA-2020:2580	0	None	None	None	2020-06-23 00:57:39 UTC

Comment 1 Maciej Szulik 2020-05-11 10:12:48 UTC

*** Bug 1833120 has been marked as a duplicate of this bug. ***

Comment 2 Maciej Szulik 2020-05-20 08:25:42 UTC

PRs in the queue.

Comment 5 RamaKasturi 2020-06-15 16:41:28 UTC

Verified with the payload below and did not find any references to router-ca in audit logs for 4.4 cluster.

[ramakasturinarra@dhcp35-60 ~]$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.4.0-0.nightly-2020-06-14-142924   True        False         5h44m   Cluster version is 4.4.0-0.nightly-2020-06-14-142924


Below are the steps followed to verify the bug:
================================================
1) Install 4.4 cluster with latest build
2) oc project "openshift-kube-apiserver"
3) oc cp <kube-apiserver-pod-name>:/var/log/kube-apiserver/audit.log /tmp/oc44.log
4) cat /tmp/oc45.log | grep "router-ca"
[ramakasturinarra@dhcp35-60 cucushift]$ cat /tmp/oc44.log | grep "router-ca"
[ramakasturinarra@dhcp35-60 cucushift]$ 
[ramakasturinarra@dhcp35-60 cucushift]$ cat /tmp/oc44.log | grep "default-ingress-cert" | wc -l
4
Based on the above  moving the bug to verified state.

Comment 7 errata-xmlrpc 2020-06-23 00:57:24 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2580

Note You need to log in before you can comment on or make changes to this bug.