Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1868257

Summary: [4.5] Handling of Ingress operator expired token (backport)
Product: OpenShift Container Platform Reporter: Felipe M <fmarting>
Component: NetworkingAssignee: Miciah Dashiel Butler Masters <mmasters>
Networking sub component: router QA Contact: Hongan Li <hongli>
Status: CLOSED ERRATA Docs Contact:
Severity: low    
Priority: unspecified CC: amcdermo, aos-bugs, dhansen
Version: 4.5   
Target Milestone: ---   
Target Release: 4.5.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-09-21 17:42:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1854383    
Bug Blocks:    

Description Felipe M 2020-08-12 06:59:35 UTC 
Backport from https://bugzilla.redhat.com/show_bug.cgi?id=1854383

---

Original description:

Description of problem:
The ingress operator fails to ensure a DNSRecord due to errors refreshing the token, restarting the operator fixes the issue.

Version-Release number of selected component (if applicable):
4.4

How reproducible:
Start the Ingress Operator with a valid token.
Expire/Revoke that token manually or edit the secret to make it fail refreshing.
Operator should get in degraded status and DNSRecord should fail updating.

Steps to Reproduce:
--

Actual results:
Ingress operator move to degraded state, and start retrying the calls.

Expected results:
1) After n subsequent retries, ingress operator requests a new credential token from the cloud credential operator
2) Operator handlers an authentication error over other errors and request a new credential or restarts itself logging the error.

Additional info:
I will try to get as much information from the client as possible.

Workaround:
Restarting the operator
Comment 4 Miciah Dashiel Butler Masters 2020-08-21 05:08:38 UTC 
We'll look into doing the backport this upcoming sprint.
Comment 6 Andrew McDermott 2020-09-10 11:58:35 UTC 
I’m adding UpcomingSprint, because I was occupied by fixing bugs with
higher priority/severity, developing new features with higher
priority, or developing new features to improve stability at a macro
level. I will revisit this bug next sprint.
Comment 7 Miciah Dashiel Butler Masters 2020-09-11 19:27:51 UTC 
The backport is merged but still needs to be verified.
Comment 10 Hongan Li 2020-09-15 03:08:10 UTC 
verified with 4.5.0-0.nightly-2020-09-11-211229 and passed.
Comment 12 errata-xmlrpc 2020-09-21 17:42:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5.11 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:3719