dcmanager kube-rootca-update-strategy create with expired date should be blocked
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Low
|
Al Bailey |
Bug Description
Brief Description
dcmanager kube-rootca-
Severity
Provide the severity of the defect.
Minor
Steps to Reproduce
1)creating an update strategy with dcmanager commands is allowed but the same is blocked with sw-manager commands
dcmanager kube-rootca-
+------
| Field | Value |
+------
| strategy type | kube-rootca-update |
| subcloud apply type | None |
| max parallel subclouds | None |
| stop on failure | False |
| state | initial |
| created_at | 2021-10-
| updated_at | None |
+------
(NFV code blocks it)
sw-manager kube-rootca-
Operation failed: New k8s rootCA should have at least 24 hours of validation before expiry
Strategy creation failed
sw-manager kube-rootca-
Operation failed: New k8s rootCA should have at least 24 hours of validation before expiry
Strategy creation failed
Expected Behavior
creating a cert with expired date should be blocked
Actual Behavior
currently it is being allowed
Reproducibility
100%
System Configuration
Distributed Cloud
Branch/Pull Time/Commit
Oct 25 2021
Last Pass
new feature testing
Timestamp/Logs
N/A (this is a CLI issue)
Alarms
N/A
Test Activity
Feature testing
Workaround
apply the strategy. it will fail when it gets to the sysinv code that tries to generate the invalid cert.
Changed in starlingx: | |
assignee: | nobody → Al Bailey (albailey1974) |
Changed in starlingx: | |
importance: | Undecided → Low |
tags: | added: stx.6.0 stx.distcloud |
Fix proposed to branch: master /review. opendev. org/c/starlingx /distcloud/ +/815912
Review: https:/