Certificate CN is not getting updated within the cert-migration playbook
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Marcelo de Castro Loebens |
Bug Description
Brief Description
-----------------
The playbook that migrates certificates to cert-manager support a field provided by the user (subject_CN) to define the CommonName (CN) of the cert . However, the OAM IP is being used instead of the value provided by the user.
Severity
--------
Minor.
Steps to Reproduce
------------------
Follow the steps in https:/
Expected Behavior
------------------
After the execution of the playbook, the CommonName (CN) field for the certificate should be updated.
Actual Behavior
----------------
The CN is created as the OAM IP value.
Reproducibility
---------------
100%.
System Configuration
-------
Simplex.
Branch/Pull Time/Commit
-------
Master.
Last Pass
---------
NA.
Timestamp/Logs
--------------
NA
Test Activity
-------------
Developer Testing
Workaround
----------
Not really needed, shoudn't cause more significant problems.
If required, the command:
kubectl patch certificate <CERTIFICATE> -n <NAMESPACE> --type 'json' -p='[{"op": "add", "path": "/spec/commonName", "value": "<SUBJECT_CN>"}]'
can edit the certificate after the playbook is executed.
Changed in starlingx: | |
assignee: | nobody → Marcelo de Castro Loebens (mdecastr) |
Changed in starlingx: | |
importance: | Undecided → Medium |
tags: | added: stx.9.0 stx.security |
Changed in starlingx: | |
status: | Fix Released → In Progress |
Changed in starlingx: | |
status: | In Progress → Fix Released |
Review: https:/ /review. opendev. org/c/starlingx /ansible- playbooks/ +/874249