Description of Problem: cacert file path generated by CCO is not correct for SSC OSP16 cluster Version-Release number of selected component (if applicable): 4.6.0-0.nightly-2020-09-17-195238 How Reproducible: Always Steps to Reproduce: 1. Install an OCP4.6 cluster on a SSC OSP16 cluster 2. Check the secret created by CCO Actual Results: ]$ oc get credentialsrequests.cloudcredential.openshift.io manila-csi-driver-operator -n openshift-cloud-credential-operator -o json|jq .spec { "providerSpec": { "apiVersion": "cloudcredential.openshift.io/v1", "kind": "OpenStackProviderSpec" }, "secretRef": { "name": "manila-cloud-credentials", "namespace": "openshift-cluster-csi-drivers" } } $ oc get secret manila-cloud-credentials -n openshift-cluster-csi-drivers -ojson| jq .data { "clouds.yaml": "BASE64 encode string" } $ echo BASE64 encode string|base64 -d clouds: openstack: auth: auth_url: XXXXXX password: XXXX project_id: 86cb1a7c2dd04e1ea26087255744db1b project_name: shiftstack user_domain_name: Default username: shiftstack_user cacert: /home/jenkins/workspace/Launch Environment Flexy/workdir/cacert.crt.20200918-419-1lzytgo endpoint_type: public identity_api_version: "3" region_name: regionOne verify: true When creating a manila share PVC, PV provisioned failed for: Warning ProvisioningFailed <invalid> (x7 over <invalid>) manila.csi.openstack.org_openstack-manila-csi-controllerplugin-59c6c8cc4-rvbx6_9f013ff7-88c6-47d8-bf30-b868a57db2a7 failed to provision volume with StorageClass "csi-manila-nfs": rpc error: code = Unauthenticated desc = failed to create Manila v2 client: failed to authenticate: failed to read and parse /home/jenkins/workspace/Launch Environment Flexy/workdir/cacert.crt.20200918-419-1lzytgo certificate: open /home/jenkins/workspace/Launch Environment Flexy/workdir/cacert.crt.20200918-419-1lzytgo: no such file or directory Expected Results: cacert file path is a valid file path Additional Info:
Checked with: 4.6.0-0.nightly-2020-09-27-075304 Now the manila csi driver controller does not use the wrong profile, PV can be provisioned successfully. So, I'll remove the testblocker keyword, and update the priority and severity. But keep the cacert "/home/jenkins/workspace/Launch Environment Flexy/workdir/cacert.crt.20200918-419-1lzytgo" in manila-could-credentials secret is still a little wired, so I'll assign this bug back.
Moving back to ON_QA as the original defect was closed already by https://github.com/openshift/csi-driver-manila-operator/pull/64. I'm creating a new BZ, targeted at 4.7, for the issue that was later reported about the confusing path in manila-could-credentials secret.
Here is the new BZ for the path issue in generated file: https://bugzilla.redhat.com/show_bug.cgi?id=1884558
Move to verified according to https://bugzilla.redhat.com/show_bug.cgi?id=1880896#c3 and https://bugzilla.redhat.com/show_bug.cgi?id=1880896#c4
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196