Bug 1018450

Summary: oo-admin-chk does not take membership into account when checking sshkeys
Product: OpenShift Online Reporter: Jianwei Hou <jhou>
Component: PodAssignee: Abhishek Gupta <abhgupta>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: medium Docs Contact:
Priority: high    
Version: 2.x   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-10-17 13:35:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Jianwei Hou 2013-10-12 07:16:31 UTC 
Description of problem:
When a member with edit role adds his sshkeys, the key will also be added to all the applications in the domain. However, 'oo-admin-chk -l 1' will consider there is a mismatch for the sshkey.

Version-Release number of selected component (if applicable):
devenv-stage_496

How reproducible:
Always

Steps to Reproduce:
1. Create one domain as owner
2. Add another member 'a' with edit role to the domain 
3. Create one application as owner
4. Upload ssh key as member 'a'
5. On broker, run 'oo-admin-chk -l 1'

Actual results:
After step 5:
[root@ip-10-179-16-81 .ssh]# oo-admin-chk -l 1
Started at: 2013-10-12 03:08:02 -0400
Time to fetch mongo data: 0.071s
Total gears found in mongo: 1
Time to get all gears from nodes: 21.221s
Total gears found on the nodes: 1
Total nodes that responded : 1
Time to get all sshkeys for all gears from nodes: 20.064s
Total gears found on the nodes: 1
Total nodes that responded : 1
Check failed.
Gear '5258eca2b6316fb5d700092d' has  key with comment 'OPENSHIFT-5258eca2b6316fb5d700092d-5258ebcdb6316f08a90000bd-keyt' on the node but not in mongo.
Please refer to the oo-admin-repair tool to resolve some of these inconsistencies.
Total time: 41.419s
Finished at: 2013-10-12 03:08:44 -0400


Expected results:
oo-admin-chk should take domain membership into account when checking ssh keys.

Additional info:
Comment 1 Abhishek Gupta 2013-10-14 19:19:02 UTC 
Fixed with --> https://github.com/openshift/origin-server/pull/3878
Comment 3 openshift-github-bot 2013-10-14 20:44:27 UTC 
Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/227b1c4bb8f97849c75487350366d8c50fc3b5c0
Fix for bug 1018450
Comment 4 Jianwei Hou 2013-10-15 06:52:56 UTC 
Verified on devenv-stage_498
The membership has been taken into account when oo-admin-chk and oo-admin-repair is executed.