Bug 1463570

Summary: [PFfBJOsO]Only one annotation returns when both expose and base64-expose annotations are defined in template per bind request
Product: OpenShift Container Platform Reporter: Wenjing Zheng <wzheng>
Component: Service BrokerAssignee: Jim Minter <jminter>
Status: CLOSED ERRATA QA Contact: DeShuai Ma <dma>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.6.0CC: aos-bugs, smunilla, xtian
Target Milestone: ---   
Target Release: 3.7.0   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-11-28 21:58:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Wenjing Zheng 2017-06-21 09:01:17 UTC
Description of problem:
Only one annotation returns when both expose and base64-expose annotations are defined in template per bind request:
"credentials": {
   "password": "GLyB07avWLNwUcai",
   "root-password": "1sXaso000YgOFSGl",
   "uri": "mysql://",
   "username": "username"

Version-Release number of selected component (if applicable):
openshift v3.6.121
kubernetes v1.6.1+5115d708d7
etcd 3.2.0

How reproducible:

Steps to Reproduce:
1.Create a template under test project like below:
"objects": [
      "kind": "Secret",
      "apiVersion": "v1",
      "metadata": {
        "name": "${DATABASE_SERVICE_NAME}",
        "annotations": {
          "template.openshift.io/expose-username": "{.data['database-user']}",
          "template.openshift.io/expose-password": "{.data['database-password']}",
          "template.openshift.io/expose-root-password": "{.data['database-root-password']}",
          "template.openshift.io/base64-expose-username": "{.data['database-user']}",
          "template.openshift.io/base64-expose-password": "{.data['database-password']}",
          "template.openshift.io/base64-expose-root-password": "{.data['database-root-password']}"
      "stringData" : {
        "database-user" : "${MYSQL_USER}",
        "database-password" : "${MYSQL_PASSWORD}",
        "database-root-password" : "${MYSQL_ROOT_PASSWORD}"
2. Enable service broker to project test
3. Change namespace and cluster address in shared.shh
4. Change namespace to test in provision.sh and bind.ssh and execute these two scripts

Actual results:
Only one group of data returns per bind request

Expected results:
It should have a warning about which kind of data will return when two kinds of annotations are defined during bind request.

Additional info:

Comment 1 Jim Minter 2017-06-22 09:23:44 UTC

Comment 2 Wenjing Zheng 2017-07-04 05:55:19 UTC
Warning like below appears: 
"description": "credential with key \"type\" already exists"

Verified on below version:
openshift v3.6.132
kubernetes v1.6.1+5115d708d7
etcd 3.2.1

Comment 4 DeShuai Ma 2017-07-05 08:29:03 UTC
From comment 2, QE already verified on openshift v3.6.132. move to verified status.

Comment 8 errata-xmlrpc 2017-11-28 21:58:09 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.