Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
blocked-edges/4.2.23: Block all incoming edges on the service CA bug …
…1810036
Also tombstone affected releases to avoid further channel promotion
for affected releases. Details on the bug:
* 4.5: Fixed by [1], service-ca-operator 74b5ce2 [2], which included library-go
d9c73bb [3].
* 4.4: Introduced by [4] (no PR?). Fixed by [5], service-ca-operator
e5a04d6 [6], which included library-go 3c25293 [7].
$ oc adm release info --commits quay.io/openshift-release-dev/ocp-release:4.4.0-rc.0-x86_64 | grep service-ca-operator
service-ca-operator https://github.com/openshift/service-ca-operator 094a9ad02dbe3bcb57d5fbad301cfcfcd48bd2ed
$ oc adm release info --commits quay.io/openshift-release-dev/ocp-release:4.4.0-rc.1-x86_64 | grep service-ca-operator
service-ca-operator https://github.com/openshift/service-ca-operator 094a9ad02dbe3bcb57d5fbad301cfcfcd48bd2ed
$ git --no-pager log -2 --first-parent --oneline origin/release-4.4
e5a04d6a (origin/release-4.4) Merge pull request openshift#111 from marun/4.4-unique-ca-serial
094a9ad0 Merge pull request #95 from vareti/signer-ca-metrics
So both RCs are affected.
* 4.3: Introduced by [8], service-ca-operator 8395d65 [9]. Fixed by
[10], service-ca-operator dd7235b [11], which includes library-go
5844159 [12].
Fix has not been released yet.
$ oc adm release info --commits quay.io/openshift-release-dev/ocp-release:4.3.3-x86_64 | grep service-ca-operator
service-ca-operator https://github.com/openshift/service-ca-operator 774c394da334dec446703545d4baaf89611ccb9d
$ oc adm release info --commits quay.io/openshift-release-dev/ocp-release:4.3.5-x86_64 | grep service-ca-operator
service-ca-operator https://github.com/openshift/service-ca-operator 8395d65888b0a4249277989f18ee03f45383e409
So this was introduced in 4.3.5 (there was no 4.3.4).
* 4.2: Introduced by [13], service-ca-operator 0324055 [14], which
includes library-go 2cf86bb [15] and API 8ce0047 [16]. Fix in
flight with [17,18]. [19] has already landed with library-go
d58edcb.
$ oc adm release info --commits quay.io/openshift-release-dev/ocp-release:4.2.21-x86_64 | grep service-ca-operator
service-ca-operator https://github.com/openshift/service-ca-operator f6720573b9b63147436374e51e6fda44683b1e9f
$ oc adm release info --commits quay.io/openshift-release-dev/ocp-release:4.2.22-x86_64 | grep service-ca-operator
service-ca-operator https://github.com/openshift/service-ca-operator 0324055c3bad3a857dcf3471c024bf42c20d549e
So this was introduced in 4.2.22.
* 4.1: Backport stream introducing the bug is still ASSIGNED [20], so
no 4.1 impact yet.
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1810036
[2]: openshift/service-ca-operator#110 (comment)
[3]: openshift/library-go#726 (comment)
[4]: https://bugzilla.redhat.com/show_bug.cgi?id=1774121
[5]: https://bugzilla.redhat.com/show_bug.cgi?id=1810418
[6]: openshift/service-ca-operator#111 (comment)
[7]: openshift/library-go#728 (comment)
[8]: https://bugzilla.redhat.com/show_bug.cgi?id=1788179
[9]: openshift/service-ca-operator#104 (comment)
[10]: https://bugzilla.redhat.com/show_bug.cgi?id=1810420
[11]: openshift/service-ca-operator#112 (comment)
[12]: openshift/library-go#729 (comment)
[13]: https://bugzilla.redhat.com/show_bug.cgi?id=1774156
[14]: openshift/service-ca-operator#105 (comment)
[15]: openshift/library-go#684 (comment)
[16]: openshift/api#577 (comment)
[17]: https://bugzilla.redhat.com/show_bug.cgi?id=1810421
[18]: openshift/service-ca-operator#113
[19]: openshift/library-go#730 (comment)
[20]: https://bugzilla.redhat.com/show_bug.cgi?id=1774157- Loading branch information
