StarlingX

Update oidc certificate yaml

Bug #1994888 reported by Elisamara Aoki Gonçalves
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Low
Elisamara Aoki Gonçalves

Bug Description

Brief Description
-----------------
The yaml shown in documentation for oidc-auth-apps-certificate.yaml is not correct for cert-manager.io/v1 API.

Severity
--------
<Minor: System/Feature is usable with minor issue>

Steps to Reproduce
------------------

"Set up OIDC Auth Applications", "Procedure", 1. a. A.
The content of oidc-auth-apps-certificate.yaml text box should be (verbatim):

~(keystone_admin)]$ cat <<EOF > oidc-auth-apps-certificate.yaml
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: oidc-auth-apps-certificate
  namespace: kube-system
spec:
  secretName: oidc-auth-apps-certificate
  duration: 2160h # 90 days
  renewBefore: 360h # 15 days
  issuerRef:
    name: system-local-ca
    kind: ClusterIssuer
  commonName: <OAM_floating_IP_address>
  subject:
    organizations:
      - ABC-Company
    organizationalUnits:
      - StarlingX-system-oidc-auth-apps
  ipAddresses:
  - <OAM_floating_IP_address>
EOF

Expected Behavior
------------------
the kubectl apply command should work

Actual Behavior
----------------

The kubectl command responds as follows:

$ kubectl apply -f oidc-auth-apps-certificate.yaml.bk0
error: error validating "oidc-auth-apps-certificate.yaml.bk0": error validating data: [ValidationError(Certificate.spec): unknown field "organizationalUnits" in io.cert-manager.v1.Certificate.spec, ValidationError(Certificate.spec): unknown field "organizations" in io.cert-manager.v1.Certificate.spec]; if you choose to ignore these errors, turn validation off with --validate=false

Reproducibility
---------------
Yes

System Configuration
--------------------
Any. Demonstrated on AIO-SX

Elisamara Aoki Gonçalves (egoncalv)
Changed in starlingx:
assignee: nobody → Elisamara Aoki Gonçalves (egoncalv)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to docs (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/docs/+/862749

Changed in starlingx:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to docs (r/stx.7.0)

Fix proposed to branch: r/stx.7.0
Review: https://review.opendev.org/c/starlingx/docs/+/863367

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to docs (master)

Reviewed: https://review.opendev.org/c/starlingx/docs/+/862749
Committed: https://opendev.org/starlingx/docs/commit/f57ff3fb992b60720fb77417d4fcb4695b59edff
Submitter: "Zuul (22348)"
Branch: master

commit f57ff3fb992b60720fb77417d4fcb4695b59edff
Author: Elisamara Aoki Goncalves <email address hidden>
Date: Wed Oct 26 16:02:13 2022 -0300

    Update oidc certificate yaml (r7,dsR7)

    Closes-bug: 1994888

    Signed-off-by: Elisamara Aoki Goncalves <email address hidden>
    Change-Id: I5018c5acc34ef478c5b768830e0f7ccd5594581d

Changed in starlingx:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to docs (r/stx.7.0)

Reviewed: https://review.opendev.org/c/starlingx/docs/+/863367
Committed: https://opendev.org/starlingx/docs/commit/c1d43dee70585fd5aeb01d4eb25516f0faf415b7
Submitter: "Zuul (22348)"
Branch: r/stx.7.0

commit c1d43dee70585fd5aeb01d4eb25516f0faf415b7
Author: Elisamara Aoki Goncalves <email address hidden>
Date: Wed Oct 26 16:02:13 2022 -0300

    Update oidc certificate yaml (r7,dsR7)

    Closes-bug: 1994888

    Signed-off-by: Elisamara Aoki Goncalves <email address hidden>
    Change-Id: I5018c5acc34ef478c5b768830e0f7ccd5594581d

Ghada Khalil (gkhalil)
Changed in starlingx:
importance: Undecided → Low
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.