Skip to content

[release-4.20] OCPBUGS-76349: Remove duplicated openssl parameter#2901

Open
openshift-cherrypick-robot wants to merge 1 commit intoopenshift:release-4.20from
openshift-cherrypick-robot:cherry-pick-2899-to-release-4.20
Open

[release-4.20] OCPBUGS-76349: Remove duplicated openssl parameter#2901
openshift-cherrypick-robot wants to merge 1 commit intoopenshift:release-4.20from
openshift-cherrypick-robot:cherry-pick-2899-to-release-4.20

Conversation

@openshift-cherrypick-robot
Copy link

@openshift-cherrypick-robot openshift-cherrypick-robot commented Feb 6, 2026

This is an automated cherry-pick of #2899

/assign openshift-cherrypick-robot

@mkowalski
OCPBUGS-74401: Remove duplicated openssl parameter
94f2476 
We are getting the following error

```
  openssl req -new -text -extensions v3_req -addext 'subjectAltName = DNS:...' -subj /C=US/O=ovnkubernetes/OU=kind/CN=... -key ... -out ...
  Error adding request extensions defined via -addext
  error:0580008C:x509 certificate routines:X509at_add1_attr_by_NID:duplicate attribute:crypto/x509/x509_att.c:194:
```

so we are removing the `v3_req` from the openssl call as it seems to be
now a default in openssl.cnf

In order to preserve backwards compatibility, we are handling both
scenarios.

A respective change in ovn-kubernetes upstream is
ovn-kubernetes/ovn-kubernetes#5574.

Fixes: OCPBUGS-74401
@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Feb 6, 2026
Merged
@coderabbitai
Copy link

coderabbitai bot commented Feb 6, 2026
edited
Loading

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)
  • do-not-merge/work-in-progress

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Comment @coderabbitai help to get the list of available commands and usage tips.

@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Feb 6, 2026

@openshift-cherrypick-robot: Jira Issue OCPBUGS-76285 has been cloned as Jira Issue OCPBUGS-76349. Will retitle bug to link to clone.
/retitle [release-4.20] OCPBUGS-76349: Remove duplicated openssl parameter

Details

In response to this:

This is an automated cherry-pick of #2899

/assign openshift-cherrypick-robot

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot changed the title [release-4.20] OCPBUGS-76285: Remove duplicated openssl parameter [release-4.20] OCPBUGS-76349: Remove duplicated openssl parameter Feb 6, 2026
@openshift-ci-robot openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Feb 6, 2026
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Feb 6, 2026

@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-76349, which is invalid:

  • expected dependent Jira Issue OCPBUGS-76285 to be in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but it is MODIFIED instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

This is an automated cherry-pick of #2899

/assign openshift-cherrypick-robot

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested review from miheer and tssurya February 6, 2026 16:32
@sdodson sdodson added approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. labels Feb 6, 2026
@sdodson sdodson added the lgtm Indicates that a PR is ready to be merged. label Feb 6, 2026
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Feb 6, 2026

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: openshift-cherrypick-robot

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@sdodson
Copy link
Member

sdodson commented Feb 12, 2026

/jira refresh

@openshift-ci-robot openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Feb 12, 2026
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Feb 12, 2026

@sdodson: This pull request references Jira Issue OCPBUGS-76349, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.20.z) matches configured target version for branch (4.20.z)
  • bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
  • release note text is set and does not match the template
  • dependent bug Jira Issue OCPBUGS-76285 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
  • dependent Jira Issue OCPBUGS-76285 targets the "4.21.z" version, which is one of the valid target versions: 4.21.0, 4.21.z
  • bug has dependents

Requesting review from QA contact:
/cc @anuragthehatter

Details

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@sdodson
Copy link
Member

sdodson commented Feb 12, 2026

/verified by CI

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Feb 12, 2026
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Feb 12, 2026

@sdodson: This PR has been marked as verified by CI.

Details

In response to this:

/verified by CI

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@sdodson
Copy link
Member

sdodson commented Feb 18, 2026

/retest-required

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Feb 18, 2026

@openshift-cherrypick-robot: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/security 94f2476 link false /test security
ci/prow/4.20-upgrade-from-stable-4.19-e2e-gcp-ovn-upgrade 94f2476 link false /test 4.20-upgrade-from-stable-4.19-e2e-gcp-ovn-upgrade
ci/prow/4.20-upgrade-from-stable-4.19-e2e-azure-ovn-upgrade 94f2476 link false /test 4.20-upgrade-from-stable-4.19-e2e-azure-ovn-upgrade
ci/prow/e2e-aws-ovn-serial-1of2 94f2476 link true /test e2e-aws-ovn-serial-1of2
ci/prow/e2e-gcp-ovn 94f2476 link true /test e2e-gcp-ovn
ci/prow/e2e-azure-ovn-upgrade 94f2476 link true /test e2e-azure-ovn-upgrade

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@sdodson
Copy link
Member

sdodson commented Feb 18, 2026

INFO[2026-02-18T04:10:10Z] RELEASE_IMAGE_LATEST is an empty string, exiting on all of these, looks not related but instead an infra issue. Retrying.

/retest-required

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@miheer miheer Awaiting requested review from miheer

@tssurya tssurya Awaiting requested review from tssurya

@anuragthehatter anuragthehatter Awaiting requested review from anuragthehatter

Assignees

@mffiedler mffiedler

@openshift-cherrypick-robot openshift-cherrypick-robot

@anuragthehatter anuragthehatter

@huiran0826 huiran0826

@asood-rh asood-rh

@jechen0648 jechen0648

@imatza-rh imatza-rh

@qiowang721 qiowang721

@Meina-rh Meina-rh

@barbora137 barbora137

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Comments