Bug 1893351 - TLS secrets are not able to edit on console.
Summary: TLS secrets are not able to edit on console.
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Management Console
Version: 4.5
Hardware: All
OS: All
Target Milestone: ---
: 4.7.0
Assignee: Jakub Hadvig
QA Contact: Yadan Pei
Depends On:
Blocks: 1896149
TreeView+ depends on / blocked
Reported: 2020-10-30 19:34 UTC by V S Krishna
Modified: 2021-09-30 12:53 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Wrong Secret type determination upon the saving. Consequence: TLS secrets are not able to edit in the console. Fix: Use the secret's 'type' field when updating Secret. Result: TLS secrets are able to be updated.
Clone Of:
Last Closed: 2021-02-24 15:29:18 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift console pull 7071 0 None closed Bug 1893351: Determine Secret type upon the save 2021-02-17 21:42:34 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:29:47 UTC

Description V S Krishna 2020-10-30 19:34:13 UTC
Description of problem:

Not possible to edit TLS type secret from the console.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.Create a "TLS"(kubernetes.io/tls) secret:
$ oc create secret tls <secret-n --cert=path/to/tls.cert --key=path/to/tls.key
2.Go to the console,login and navigate to the projecet where the secret is created and try to edit the secret contents.

Actual results:
Unable to modify the secret as while clicking on "Save" option throws":
Error "Invalid value: "Opaque": field is immutable" for field "type"

Expected results:
Secret should be able to edit and modify.

Additional info:

Comment 2 Yadan Pei 2020-11-10 06:50:09 UTC
1. Create a Key/Value secret from console, Add tls.crt and tls.key as secret key, save the changes and the secret type will be set to kubernetes.io/tls
2. Goes to secret details page and Actions -> Edit Secret, Add Key/Value and Save the changes, kubernetes.io/tls type secret can be edited

Verified on 4.7.0-0.nightly-2020-11-09-235738

Comment 4 Yadan Pei 2020-11-20 02:50:35 UTC
We have back ported to 4.6.z and I see no issues back port to 4.5.z from QE's point of view. Let me confirm with Devs

Comment 6 Yadan Pei 2020-12-03 03:37:38 UTC
bug 1900443 is opened to track the backport to 4.5.z

Comment 9 errata-xmlrpc 2021-02-24 15:29:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.