Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MGMT-17057: Update auth annotations when regenerating certs found in etcd #112

Merged
merged 1 commit into from
Feb 29, 2024
Merged

MGMT-17057: Update auth annotations when regenerating certs found in etcd #112

merged 1 commit into from
Feb 29, 2024

Conversation

mresvanis
Copy link
Member

This PR ensures that when recert regenerates certs that are found in etcd and include the auth.openshift.io/certificate-not{after,before} annotations, it also updates the latter according to their respective validity period.

@openshift-ci-robot
Copy link
Collaborator

openshift-ci-robot commented Feb 29, 2024
edited by openshift-ci bot
Loading

@mresvanis: This pull request references MGMT-17057 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.16.0" version, but no target version was set.

In response to this:

This PR ensures that when recert regenerates certs that are found in etcd and include the auth.openshift.io/certificate-not{after,before} annotations, it also updates the latter according to their respective validity period.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Feb 29, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: mresvanis

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@mresvanis
Copy link
Member Author

/test baremetalds-sno-recert-cluster-rename
/test e2e-aws-ovn-single-node-recert-serial
/test e2e-aws-ovn-single-node-recert-parallel

@mresvanis mresvanis changed the title MGMT-17057: Fix kube-apiserver rollout due to un-synced auth annotations MGMT-17057: Update auth annotations when regenerating certs found in etcd Feb 29, 2024
omertuc
omertuc reviewed Feb 29, 2024
View reviewed changes
@mresvanis mresvanis force-pushed the mgmt-17057-fix-kube-apiserver-rollout branch from 34a80cd to f56da5f Compare February 29, 2024 15:05
@mresvanis
Update auth.openshift.io/certificate-not{after,before} annotations wh…
6c1cae7 
…en regenerating certs

Signed-off-by: Michail Resvanis <mresvani@redhat.com>
@mresvanis mresvanis force-pushed the mgmt-17057-fix-kube-apiserver-rollout branch from f56da5f to 6c1cae7 Compare February 29, 2024 15:14
@omertuc
Copy link
Member

omertuc commented Feb 29, 2024

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Feb 29, 2024
@omertuc
Copy link
Member

omertuc commented Feb 29, 2024

/test baremetalds-sno-recert-cluster-rename
/test e2e-aws-ovn-single-node-recert-serial
/test e2e-aws-ovn-single-node-recert-parallel

@mresvanis mresvanis merged commit c95e571 into rh-ecosystem-edge:main Feb 29, 2024
9 of 11 checks passed
@mresvanis mresvanis deleted the mgmt-17057-fix-kube-apiserver-rollout branch February 29, 2024 17:41
@mresvanis
Copy link
Member Author

/cherry-pick release-4.15

@openshift-cherrypick-robot
Copy link

@mresvanis: #112 failed to apply on top of branch "release-4.15":

Applying: Update auth.openshift.io/certificate-not{after,before} annotations when regenerating certs
Using index info to reconstruct a base tree...
M	src/cluster_crypto/cert_key_pair.rs
Falling back to patching base and 3-way merge...
Auto-merging src/cluster_crypto/cert_key_pair.rs
CONFLICT (content): Merge conflict in src/cluster_crypto/cert_key_pair.rs
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 Update auth.openshift.io/certificate-not{after,before} annotations when regenerating certs
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release-4.15

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@omertuc omertuc omertuc left review comments

@eranco74 eranco74 Awaiting requested review from eranco74

Assignees

@omertuc omertuc

Labels
lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mresvanis @openshift-ci-robot @omertuc @openshift-cherrypick-robot