Bug 1969989 - KMS connection details for new storageclass can not be changed in StorageClass creation form after 9 connection details are stored in csi-kms-connection-details configmap
Summary: KMS connection details for new storageclass can not be changed in StorageClas...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Console Storage Plugin
Version: 4.8
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.9.0
Assignee: Sanjal Katiyar
QA Contact: Rachael
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-06-09 15:13 UTC by Filip Balák
Modified: 2021-10-18 17:33 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1971560 (view as bug list)
Environment:
Last Closed: 2021-10-18 17:33:22 UTC
Target Upstream Version:
Embargoed:
skatiyar: needinfo-

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 9409 0 None open Bugs Related to StorageClass KMS flow 2021-07-06 08:10:59 UTC
Red Hat Product Errata RHSA-2021:3759 0 None None None 2021-10-18 17:33:39 UTC

Description Filip Balák 2021-06-09 15:13:24 UTC 
Description of problem (please be detailed as possible and provide log
snippests):
If user creates 10 connection details in csi-kms-connection-details configmap (from StorageClass creation form) then every time user tries to create StorageClass with new connection details, connection details with id: 9-vault.
(are connection details in the form selected alphabetically and not by order of creation?)

Version of all relevant components (if applicable):
OCP 4.8.0-0.nightly-2021-06-07-034343
OCS ocs-operator.v4.8.0-409.ci

Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
1

Can this issue reproducible?
yes

Can this issue reproduce from the UI?
yes


Steps to Reproduce:
1. Navigate to Storage -> StorageClasses in OCP Console.
2. Click "Create StorageClass"
3. Fill the form and select "openshift-storage.rbd.csi.ceph.com" as Provisioner
4. Select "Enable Encryption".
5. Provide connection details.
6. Click "Save"
7. Repeat steps 5 and 6 multiple times until there is at least 10 connection details in csi-kms-connection-details configmap.

Actual results:
After there is at least 9 connection details, connection details in form do not change after "Save" is clicked and user can not create a new StorageClass with new connection details to KMS.

Expected results:
User should be able to create new storageclass with new connection details to KMS even when there already exist more connection details.

Additional info:
Comment 2 Sébastien Han 2021-06-09 16:55:43 UTC 
Moving to UI.
Comment 5 Mudit Agarwal 2021-06-14 10:39:44 UTC 
Sanjal, this is a blocker for 4.8 not 4.9
Comment 8 Ankush Behl 2021-06-14 10:49:17 UTC 
IMO we should not allow using the same name for the same KMS service.
 
This is not a blocker issue as I don't think the user will use 9 different vault servers with a single OCP instance.
Comment 15 errata-xmlrpc 2021-10-18 17:33:22 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3759
Note You need to log in before you can comment on or make changes to this bug.