Certificate CN is not getting updated within the cert-migration playbook
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| StarlingX |
Fix Released
|
Medium
|
Marcelo de Castro Loebens | ||
Bug Description
Brief Description
-----------------
The playbook that migrates certificates to cert-manager support a field provided by the user (subject_CN) to define the CommonName (CN) of the cert . However, the OAM IP is being used instead of the value provided by the user.
Severity
--------
Minor.
Steps to Reproduce
------------------
Follow the steps in https:/
Expected Behavior
------------------
After the execution of the playbook, the CommonName (CN) field for the certificate should be updated.
Actual Behavior
----------------
The CN is created as the OAM IP value.
Reproducibility
---------------
100%.
System Configuration
-------
Simplex.
Branch/Pull Time/Commit
-------
Master.
Last Pass
---------
NA.
Timestamp/Logs
--------------
NA
Test Activity
-------------
Developer Testing
Workaround
----------
Not really needed, shoudn't cause more significant problems.
If required, the command:
kubectl patch certificate <CERTIFICATE> -n <NAMESPACE> --type 'json' -p='[{"op": "add", "path": "/spec/commonName", "value": "<SUBJECT_CN>"}]'
can edit the certificate after the playbook is executed.
| Changed in starlingx: | |
| assignee: | nobody → Marcelo de Castro Loebens (mdecastr) |
| Changed in starlingx: | |
| importance: | Undecided → Medium |
| tags: | added: stx.9.0 stx.security |
| Ghada Khalil (gkhalil) wrote | #1 |
| Ghada Khalil (gkhalil) wrote | #2 |
| Changed in starlingx: | |
| status: | New → Fix Released |
| Changed in starlingx: | |
| status: | Fix Released → In Progress |
| Changed in starlingx: | |
| status: | In Progress → Fix Released |
Review: https:/