OCPBUGS-24226: setting TLSSecurityProfile with no minTLSVersion crashes controller

[dobsonj]

bump library-go to get the fix in commit 4a819e39ef45daa1f9a800434082f93e0b4b227a

[openshift-ci-robot]

@dobsonj: This pull request references Jira Issue OCPBUGS-24226, which is valid.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target version (4.16.0) matches configured target version for branch (4.16.0)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

No GitHub users were found matching the public email listed for the QA contact in Jira (wduan@redhat.com), skipping review request.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

bump library-go to get the fix in commit 4a819e39ef45daa1f9a800434082f93e0b4b227a

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dobsonj

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [dobsonj]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[dobsonj]

/retest

[RomanBednar]

/lgtm

[openshift-ci-robot]

/retest-required

Remaining retests: 0 against base HEAD 62db1df and 2 for PR HEAD e2606f0 in total

[duanwei33]

Tested with open PR, it works when setting cipherSuites without minTLSVersion in apiserver:

$ oc edit apiserver cluster
spec:
  audit:
    profile: Default   
  tlsSecurityProfile:
    custom:
      ciphers:
      - ECDHE-ECDSA-CHACHA20-POLY1305
      - ECDHE-ECDSA-AES128-GCM-SHA256
    type: Custom    

$ oc get clustercsidriver -o json cinder.csi.openstack.org | jq .spec.observedConfig.targetcsiconfig.servingInfo
{
  "cipherSuites": [
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
  ],
  "minTLSVersion": ""
}

$ oc get pod -n openshift-manila-csi-driver -o yaml | grep '\--tls-[mc]i'
      - --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      - --tls-min-version=VersionTLS12
      - --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      - --tls-min-version=VersionTLS12
      - --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      - --tls-min-version=VersionTLS12
      - --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      - --tls-min-version=VersionTLS12

[duanwei33]

/label qe-approved

[openshift-ci-robot]

@dobsonj: This pull request references Jira Issue OCPBUGS-24226, which is valid.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target version (4.16.0) matches configured target version for branch (4.16.0)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

No GitHub users were found matching the public email listed for the QA contact in Jira (wduan@redhat.com), skipping review request.

In response to this:

bump library-go to get the fix in commit 4a819e39ef45daa1f9a800434082f93e0b4b227a

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[dobsonj]

/retest

[dobsonj]

/retest

[dobsonj]

/retest

[dobsonj]

/retest

[dobsonj]

/retest

[dobsonj]

/override ci/prow/e2e-vsphere-ovn-upgrade

[openshift-ci]

@dobsonj: Overrode contexts on behalf of dobsonj: ci/prow/e2e-vsphere-ovn-upgrade

In response to this:

/override ci/prow/e2e-vsphere-ovn-upgrade

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci-robot]

@dobsonj: Jira Issue OCPBUGS-24226: Some pull requests linked via external trackers have merged:

• openshift/library-go#1636
• openshift/csi-operator#76
• openshift/gcp-pd-csi-driver-operator#104
• openshift/alibaba-disk-csi-driver-operator#78
• openshift/azure-file-csi-driver-operator#91
• openshift/csi-driver-manila-operator#217
• openshift/gcp-filestore-csi-driver-operator#69

The following pull requests linked via external trackers have not merged:

• openshift/openstack-cinder-csi-driver-operator#150 is open

These pull request must merge or be unlinked from the Jira bug in order for it to move to the next state. Once unlinked, request a bug refresh with /jira refresh.

Jira Issue OCPBUGS-24226 has not been moved to the MODIFIED state.

In response to this:

bump library-go to get the fix in commit 4a819e39ef45daa1f9a800434082f93e0b4b227a

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

@dobsonj: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[openshift-bot]

[ART PR BUILD NOTIFIER]

This PR has been included in build ose-vmware-vsphere-csi-driver-operator-container-v4.16.0-202312160051.p0.g6dc56c0.assembly.stream for distgit ose-vmware-vsphere-csi-driver-operator.
All builds following this will include this PR.