Open xuezhaojun opened 3 years ago
most likely the same issue in app lifecycle as well. I think we need proper app and policy addons to resolve this issue.
/assign mikeshng /assign ycao56
/kind bug
Perhaps we need to improve our instructions to mention this limitation. Just briefly discussed with @qiujian16 that maybe
kubectl get secret -n open-cluster-management-agent hub-kubeconfig-secret -oyaml
contains the kubeconfig that we should be using.
Or we can hold this issue until we have proper addon implementation using the addon framework/library that will take care of this for us.
What have I done: I installed policy framework and policy controllers successfully.
What happened: The day after I installed policy framework and policy controllers, policies can not be propagated.
The reason why:
To login an OKD we need to use command:
But
oc login
only generate a user token (not a certification or username&password) in the kubeconfig.Since we store this kubeconfig as a secret when we are installing "policy-framework" on managed cluster, the information can not be sync anymore after token expired.