GPG Public Key Rotation Reboot Exception

[corburn]

I would like to use a MachineConfig to periodically rotate the GPG public keys listed in /etc/containers/policy.json, but by default this will trigger a cluster drain and reboot which is not ideal. The mcd-reboot-exceptions openshift/enhancements#159 proposed adding a function to the MCD that compares two MachineConfigs to decide if a drain and reboot is required. The enhancement has been implemented by Pull Request #2259 as exceptions for ssh keys, pull secrets, and registries.conf changes; all other scenarios still require a drain and reboot. For my use-case, I'd like expand the exceptions to include GPG keys by updating the calculatePostConfigChangeActionFromFileDiffs function to ignore MachineConfig modifications to GPG files listed in the policy.json file. This would support the use-case of GPG public key rotation while still deriving when a reboot is necessary. Does this sound like a good approach?

[craychee]

Thank you for submitting an issue, @corburn. We have not yet determined how or if to expand the no-op option. We want to ensure that anything we add is safe, tested, and documented. We are actively engaged in conversations around this and have added this request to our backlog for consideration.

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[corburn]

/remove-lifecycle stale

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[openshift-bot]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

[corburn]

/remove-lifecycle rotten

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[openshift-bot]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale