Bug 1365276
| Summary: | openshift-scripts-dedicated does not support usernames with spaces in them. | ||
|---|---|---|---|
| Product: | OpenShift Online | Reporter: | Matt Woodson <mwoodson> |
| Component: | oc | Assignee: | Abhishek Gupta <abhgupta> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | weiwei jiang <wjiang> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 3.x | CC: | abhgupta, agrimm, aos-bugs, jokerman, mmccomas, wsun, xtian, yinzhou |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-10-04 13:08:22 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1303130 | ||
Fixed with --> https://github.com/openshift/online/pull/368 Checked with latest code, and found work well. # python apply-dedicated-roles.py -u "Isaac Newton" -p dedicated-project-admin.json -c dedicated-cluster-admin.json -v Arguments to program: ProjectRole = dedicated-project-admin ClusterRole = dedicated-cluster-admin Users = ["'Isaac Newton'"] Groups = [] SkipProjects = ['default', 'openshift-infra'] ReCreate = False Verbose = True Checking OpenShift CLI command ... OK Checking OpenShift admin CLI command ... OK Getting cluster role dedicated-cluster-admin if exists ... OK Adding cluster role dedicated-cluster-admin to users 'Isaac Newton' ... ...................... # oc get rolebindings NAME ROLE USERS GROUPS SERVICE ACCOUNTS SUBJECTS system:deployers /system:deployer deployer system:image-builders /system:image-builder builder system:image-pullers /system:image-puller system:serviceaccounts:wjinag admin /admin wjiang, Isaac Newton dedicated-project-admin /dedicated-project-admin Isaac Newton This is intentional - the ability to grant dedicated admin role to individual users via the script has been removed. You can now only specify groups to grant access and users can be added to the groups as a means to grant dedicated admin access to groups. |
Description of problem: We are running openshift-scripts-dedicated service. The user accounts have names in them. This is the output of /etc ========================================================================== OPTIONS="\ --project-role-file=/etc/openshift-dedicated/project-admin-role.json \ --cluster-role-file=/etc/openshift-dedicated/cluster-admin-role.json \ --skip-projects=default,openshift-infra \ --users='FName LName','FName2 LName2' \ --recreate \ --groups= \ --verbose \ " ========================================================================== The usernames on the system are "FName LName" and "FName2 LNAME2". When we run the rols, this is wha the role binding looks like: ========================================================================== RoleBinding[dedicated-cluster-admin]: Role: dedicated-cluster-admin Users: FName, LName, FName2, LName2 Groups: <none> ServiceAccounts: <none> Subjects: <none> ========================================================================== Notice these are not correct. We would expect the usernames to get put in properly. Version-Release number of selected component (if applicable): openshift-scripts-dedicated-3.2.1.2-1.el7.x86_64 Additional info: This is affecting dedicated admin customers.