OCPBUGS-74401: Remove duplicated openssl parameter#2889
OCPBUGS-74401: Remove duplicated openssl parameter#2889openshift-merge-bot[bot] merged 1 commit intoopenshift:masterfrom
Conversation
|
@mkowalski: This pull request references Jira Issue OCPBUGS-74401, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
WalkthroughAdded a conditional retry around OpenSSL CSR generation in two OVN-Kubernetes IPsec YAMLs: the script first attempts Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Comment |
|
/jira refresh |
|
@mkowalski: This pull request references Jira Issue OCPBUGS-74401, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/payload-job periodic-ci-openshift-release-master-nightly-4.22-e2e-aws-ovn-serial-ipsec |
|
@mkowalski: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/9017c5b0-fa9a-11f0-8c95-ed7ffe5308d5-0 |
|
/assign @pperiyasamy for review |
|
@tssurya: GitHub didn't allow me to assign the following users: for, review. Note that only openshift members with read permissions, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
We are getting the following error ``` openssl req -new -text -extensions v3_req -addext 'subjectAltName = DNS:...' -subj /C=US/O=ovnkubernetes/OU=kind/CN=... -key ... -out ... Error adding request extensions defined via -addext error:0580008C:x509 certificate routines:X509at_add1_attr_by_NID:duplicate attribute:crypto/x509/x509_att.c:194: ``` so we are removing the `v3_req` from the openssl call as it seems to be now a default in openssl.cnf In order to preserve backwards compatibility, we are handling both scenarios. A respective change in ovn-kubernetes upstream is ovn-kubernetes/ovn-kubernetes#5574. Fixes: OCPBUGS-74401
398e573 to
756a7ea
Compare
|
/payload-job periodic-ci-openshift-release-master-nightly-4.22-e2e-aws-ovn-serial-ipsec |
|
@mkowalski: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/9def9d40-fabb-11f0-8b7d-fbf569dc0895-0 |
|
@mkowalski: This pull request references Jira Issue OCPBUGS-74401, which is valid. 3 validation(s) were run on this bug
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/lgtm The The metal IPsec failures are caused by an ansible galaxy download issue and may pass on a retry. |
|
The 2nd attempt for payload test is also OK -- https://prow.ci.openshift.org/view/gs/test-platform-results/logs/openshift-cluster-network-operator-2889-nightly-4.22-e2e-aws-ovn-serial-ipsec/2015780194219986944 |
|
@coderabbitai review |
✅ Actions performedReview triggered.
|
|
/retest-required |
1 similar comment
|
/retest-required |
|
/pj-rehearse periodic-ci-openshift-release-master-nightly-4.22-e2e-metal-ipi-ovn-ipv6-ipsec |
|
@mkowalski: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/override ci/prow/e2e-aws-ovn-upgrade-ipsec |
|
@kyrtapz: Overrode contexts on behalf of kyrtapz: ci/prow/e2e-aws-ovn-upgrade-ipsec DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/override ci/prow/e2e-aws-ovn-upgrade-ipsec |
|
@kyrtapz: Overrode contexts on behalf of kyrtapz: ci/prow/e2e-aws-ovn-upgrade-ipsec DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
2b7b23c
into
openshift:master
|
@mkowalski: Jira Issue Verification Checks: Jira Issue OCPBUGS-74401 Jira Issue OCPBUGS-74401 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira cherry-pick release-4.22,release-4.21,release-4.20,release-4.19 It came from RHEL9.6 |
|
/jira backport release-4.22,release-4.21,release-4.20,release-4.19 |
|
@mkowalski: Missing required branches for backport chain:
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira backport release-4.23,release-4.22,release-4.21,release-4.20,release-4.19 |
|
@mkowalski: Missing required branches for backport chain:
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira backport main,release-4.23,release-4.22,release-4.21,release-4.20,release-4.19 |
|
@mkowalski: Missing required branches for backport chain:
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira backport release-4.22,release-4.21,release-4.20,release-4.19 |
|
@mkowalski: Missing required branches for backport chain:
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira backport release-4.23,release-4.22,release-4.21,release-4.20,release-4.19 |
|
@mkowalski: Missing required branches for backport chain:
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
|
@mkowalski: Jira Issue OCPBUGS-74401 is in an unrecognized state (ON_QA) and will not be moved to the MODIFIED state. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/cherrypick release-4.22 release-4.21 release-4.20 release-4.19 |
|
@mkowalski: new pull request could not be created: failed to create pull request against openshift/cluster-network-operator#release-4.22 from head openshift-cherrypick-robot:cherry-pick-2889-to-release-4.22: status code 422 not one of [201], body: {"message":"Validation Failed","errors":[{"resource":"PullRequest","code":"custom","message":"No commits between openshift:release-4.22 and openshift-cherrypick-robot:cherry-pick-2889-to-release-4.22"}],"documentation_url":"https://docs.github.com/rest/pulls/pulls#create-a-pull-request","status":"422"} DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherry-pick release-4.21, release-4.20 |
master fast forwards to release-4.22 only need to pick back to release-4.21 and release-4.20 |
|
@sdodson: cannot checkout DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherry-pick release-4.21 release-4.20 |
|
@sdodson: new pull request created: #2899 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
We are getting the following error
so we are removing the
v3_reqfrom the openssl call as it seems to be now a default in openssl.cnfA respective change in ovn-kubernetes upstream is
ovn-kubernetes/ovn-kubernetes#5574.
In order to preserve backwards compatibility, we are handling both
scenarios.
Fixes: OCPBUGS-74401