NO-JIRA: Fix base64 encoding for rendered CA bundles

[kyrtapz]

Kubernetes requires standard base64 encoding.
I haven't found it stated anywhere explicitly but it is using golang JSON marshaling for []byte and it relies on std encoding/decoding: https://github.com/golang/go/blob/master/src/encoding/json/decode.go#L949

While I think the fix is correct this never broke in the past because we are encoding PEM encoded certificate producing a compatible result.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kyrtapz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [kyrtapz]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)

• do-not-merge/work-in-progress

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[kyrtapz]

/hold cancel

[kyrtapz]

/retest

[openshift-ci-robot]

@kyrtapz: This pull request explicitly references no jira issue.

Details

In response to this:

Kubernetes requires standard base64 encoding.
I haven't found it stated anywhere explicitly but it is using golang JSON marshaling for []byte and it relies on std encoding/decoding: https://github.com/golang/go/blob/master/src/encoding/json/decode.go#L949

While I think the fix is correct this never broke in the best because we are mostly encoding PEM encoded certificate producing a compatible result.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

@kyrtapz: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-ovn-ipsec-step-registry	d8c71aa	link	true	/test e2e-ovn-ipsec-step-registry
ci/prow/4.22-upgrade-from-stable-4.21-e2e-azure-ovn-upgrade	d8c71aa	link	false	/test 4.22-upgrade-from-stable-4.21-e2e-azure-ovn-upgrade
ci/prow/e2e-aws-ovn-upgrade-ipsec	d8c71aa	link	true	/test e2e-aws-ovn-upgrade-ipsec
ci/prow/hypershift-e2e-aks	d8c71aa	link	true	/test hypershift-e2e-aks
ci/prow/security	d8c71aa	link	false	/test security
ci/prow/e2e-metal-ipi-ovn-ipv6-ipsec	d8c71aa	link	true	/test e2e-metal-ipi-ovn-ipv6-ipsec

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.