Bug 2218492 - Pass-through CA certificates to Velero not working
Summary: Pass-through CA certificates to Velero not working
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenShift Data Foundation
Classification: Red Hat Storage
Component: odf-dr
Version: 4.13
Hardware: Unspecified
OS: Unspecified
unspecified
urgent
Target Milestone: ---
: ODF 4.14.0
Assignee: Shyamsundar
QA Contact: krishnaram Karthick
URL:
Whiteboard:
Depends On: 2218316 2219395
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-06-29 10:59 UTC by pallavi
Modified: 2023-11-08 18:53 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-11-08 18:52:10 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github RamenDR ramen pull 925 0 None Merged Pass-through CA certificates to Velero 2023-06-30 14:45:56 UTC
Red Hat Product Errata RHSA-2023:6832 0 None None None 2023-11-08 18:53:09 UTC

Description pallavi 2023-06-29 10:59:38 UTC 
Description of problem (please be detailed as possible and provide log
snippests):
Pass-through CA certificates to Velero not working leading to issues in communication of velero and https based S3 store while using ShioRamen functionality of Ramen product.


Version of all relevant components (if applicable): 4.13


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)? yes


Is there any workaround available to the best of your knowledge?


Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?  1 


Can this issue reproducible? yes


Can this issue reproduce from the UI? yes


If this is a regression, please provide more details to justify this:



Steps to reproduce
1. Configured CA Certificates in DataProtectionApplication Instance of OADP operator
2. Configured CA Certificates in ramen-dr-config-map
3. Given CA certificates not preserved in BSL instance.


Actual results: CA certificates should be preserved in BSL instances


Expected results:  CA certificates not getting preserved in BSL instances


Additional info:
Comment 3 bhatfiel 2023-06-29 12:37:59 UTC 
Prior to this BZ filing, an upstream tracker indicated the CA certificates pass-through patch was "working as expected".
https://github.com/RamenDR/ramen/issues/940#issuecomment-1611093647

Does a problem still exist?  Or is this BZ a request to merge the upstream patch downstream?
Comment 4 Shyamsundar 2023-06-29 13:00:13 UTC 
Raised a BZ yesterday to backport the required caCert changes to 4.13.z release here bz #2218316
Comment 5 pallavi 2023-06-29 13:21:48 UTC 
Problem does not exist now. Reported bug here in order to merge it in downstream branch
Comment 6 Shyamsundar 2023-08-01 01:44:45 UTC 
Part of release-4.14 code base: commit ID 512700598f133f28b7e8bbeae78e6825812d7856

Was brought in as part of rebase to main and creating the 4.14 branch.
Comment 10 pallavi 2023-08-25 12:26:05 UTC 
Tested this fix and it seems to be working fine.
Comment 11 krishnaram Karthick 2023-09-20 04:54:00 UTC 
Moving the bug to verified based on the above comment.
Comment 16 errata-xmlrpc 2023-11-08 18:52:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat OpenShift Data Foundation 4.14.0 security, enhancement & bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:6832
Note You need to log in before you can comment on or make changes to this bug.