Incomplete propagation of the trusted bundle CA certificates to the workspaces #18245
Closed
5 of 22 tasks
Labels
area/che-operator
Issues and PRs related to Eclipse Che Kubernetes Operator
area/che-server
kind/bug
Outline of a bug - must adhere to the bug report template.
severity/P1
Has a major impact to usage or development of the system.
Milestone
Describe the bug
With the Che operator the
ca-certs
config map (mentioned in thespec.server.ServerTrustStoreConfigMapName
custom resource field) has a double purpose:config.openshift.io/inject-trusted-cabundle="true"
label)The bug is that the manually added certificates are not propagated up to the workspaces when creating the
ca-certs
config map in the workspace namespace.Che version
Steps to reproduce
ca-certs
ConfigMap in the namespace of the workspaceExpected behavior
The
ca-certs
config map in the workspace namespace should contain all the keys you manually added in the Che operatorca-certs
ConfigMap at installation, but it doesn't.Runtime
kubectl version
)oc version
)minikube version
andkubectl version
)minishift version
andoc version
)docker version
andkubectl version
)Screenshots
Installation method
chectl version
commandEnvironment
Eclipse Che Logs
Additional context
The error is obviously coming from the fact that the Che server creates a new empty map with the
config.openshift.io/inject-trusted-cabundle="true"
label in the Workspace namespace, instead of simply creating / updating a config map with the exact same content of the Che Operatorca-certs
config map.The text was updated successfully, but these errors were encountered: