Bug 1718412
| Summary: | TemplateInstance object not taking into account values passed in through secret | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Gabe Montero <gmontero> |
| Component: | Templates | Assignee: | Gabe Montero <gmontero> |
| Status: | CLOSED ERRATA | QA Contact: | XiuJuan Wang <xiuwang> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.2.0 | CC: | aos-bugs, chezhang, erich, gmontero, jesusr, jkim, joboyer, jokerman, jrosenta, mmariyan, mmccomas, openshift-bugs-escalate, shurley, wzheng, xiuwang, xtian |
| Target Milestone: | --- | ||
| Target Release: | 4.2.0 | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1713982 | Environment: | |
| Last Closed: | 2019-10-16 06:31:35 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1713982, 1719044 | ||
| Bug Blocks: | |||
|
Comment 1
Gabe Montero
2019-06-07 17:16:24 UTC
PR has merged $oc get clusterversion
NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
version False True 3h47m 4.2.0-0.ci-2019-06-16-194145
The value of secret secrettest still don't get took.
$ oc get templateinstance secrettest -o yaml
apiVersion: template.openshift.io/v1
kind: TemplateInstance
metadata:
creationTimestamp: "2019-06-17T07:21:36Z"
finalizers:
- template.openshift.io/finalizer
name: secrettest
namespace: mycloudpoc
resourceVersion: "55206"
selfLink: /apis/template.openshift.io/v1/namespaces/mycloudpoc/templateinstances/secrettest
uid: 8a8ca906-90d0-11e9-b8a6-0a580a800028
spec:
requester:
groups:
- system:serviceaccounts
- system:serviceaccounts:mycloudpoc
- system:authenticated
username: system:serviceaccount:mycloudpoc:mycloudadmin
secret:
name: secrettest
template:
metadata:
annotations:
description: Openshift Project delivered via Hybrid Cloud
creationTimestamp: "2019-06-17T07:20:58Z"
name: odenprojcreation
namespace: mycloudpoc
resourceVersion: "55042"
selfLink: /apis/template.openshift.io/v1/namespaces/mycloudpoc/templates/odenprojcreation
uid: 7445c4de-90d0-11e9-b7ca-0a580a810026
objects:
- apiVersion: v1
kind: Project
metadata:
annotations:
openshift.io/description: Openshift Project delivered via Hybrid Cloud
openshift.io/display-name: ${PROJECT_NAME}
openshift.io/node-selector: sla${SLA}=true
creationTimestamp: null
labels:
apmid: ${APMID}
assignmentcode: ${CODE}
crq: ${CRQ}
deliverymanager: ${DM}
requester: ${REQUESTER}
ritm: ${RITM}
serviceruntimemanager: ${SRM}
sla: ${SLA}
sz: ${SZ}
technicalcontact: ${PROJECT_ADMIN_USER}
name: ${PROJECT_NAME}
spec: {}
status: {}
- apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
namespace: ${PROJECT_NAME}
spec:
hard:
limits.memory: ${MEM}
requests.cpu: ${CPU}
- apiVersion: v1
kind: ResourceQuota
metadata:
name: platform-resources
namespace: ${PROJECT_NAME}
spec:
hard:
persistentvolumeclaims: 10
pods: 30
requests.storage: 500Gi
- apiVersion: v1
kind: LimitRange
metadata:
creationTimestamp: null
name: compute-limits
namespace: ${PROJECT_NAME}
spec:
limits:
- max:
cpu: 2
memory: 16Gi
min:
cpu: 7m
memory: 100Mi
type: Pod
- default:
cpu: 500m
memory: 256Mi
defaultRequest:
cpu: 50m
memory: 128Mi
max:
cpu: 2
memory: 16Gi
min:
cpu: 7m
memory: 100Mi
type: Container
- apiVersion: v1
groupNames: []
kind: RoleBinding
metadata:
creationTimestamp: null
name: admins
namespace: ${PROJECT_NAME}
roleRef:
name: admin
subjects:
- kind: User
name: ${PROJECT_ADMIN_USER}
userNames:
- ${PROJECT_ADMIN_USER}
- ${REQUESTER}
- apiVersion: v1
groupNames:
- system:serviceaccounts:${PROJECT_NAME}
kind: RoleBinding
metadata:
creationTimestamp: null
name: system:image-pullers
namespace: ${PROJECT_NAME}
roleRef:
name: system:image-puller
subjects:
- kind: SystemGroup
name: system:serviceaccounts:${PROJECT_NAME}
userNames: []
- apiVersion: v1
groupNames: []
kind: RoleBinding
metadata:
creationTimestamp: null
name: system:image-builders
namespace: ${PROJECT_NAME}
roleRef:
name: system:image-builder
subjects:
- kind: ServiceAccount
name: builder
userNames:
- system:serviceaccount:${PROJECT_NAME}:builder
- apiVersion: v1
groupNames: []
kind: RoleBinding
metadata:
creationTimestamp: null
name: system:deployers
namespace: ${PROJECT_NAME}
roleRef:
name: system:deployer
subjects:
- kind: ServiceAccount
name: deployer
userNames:
- system:serviceaccount:${PROJECT_NAME}:deployer
parameters:
- name: PROJECT_NAME
- name: PROJECT_ADMIN_USER
- name: DM
- name: SRM
- name: RITM
value: nill
- name: CRQ
value: nill
- name: CODE
value: nill
- name: APMID
value: nill
- name: REQUESTER
- name: MEM
value: 0Mi
- name: CPU
value: 0m
- name: SZ
value: volvoci
- name: SLA
value: standard
status:
conditions:
- lastTransitionTime: "2019-06-17T07:21:36Z"
message: ""
reason: Created
status: "True"
type: Ready
objects:
- ref:
apiVersion: project.openshift.io/v1
kind: Project
name: openshift-proj011
uid: 8ac5f74c-90d0-11e9-84df-06ec4392e7f4
- ref:
apiVersion: v1
kind: ResourceQuota
name: compute-resources
namespace: openshift-proj011
uid: 8ac7fcf4-90d0-11e9-84df-06ec4392e7f4
- ref:
apiVersion: v1
kind: ResourceQuota
name: platform-resources
namespace: openshift-proj011
uid: 8ac98010-90d0-11e9-84df-06ec4392e7f4
- ref:
apiVersion: v1
kind: LimitRange
name: compute-limits
namespace: openshift-proj011
uid: 8acbdf6c-90d0-11e9-84df-06ec4392e7f4
- ref:
apiVersion: authorization.openshift.io/v1
kind: RoleBinding
name: admins
namespace: openshift-proj011
uid: 8acedb92-90d0-11e9-84df-06ec4392e7f4
- ref:
apiVersion: authorization.openshift.io/v1
kind: RoleBinding
name: system:image-pullers
namespace: openshift-proj011
uid: 8ad4b162-90d0-11e9-84df-06ec4392e7f4
- ref:
apiVersion: authorization.openshift.io/v1
kind: RoleBinding
name: system:image-builders
namespace: openshift-proj011
uid: 8ad8bce7-90d0-11e9-84df-06ec4392e7f4
- ref:
apiVersion: authorization.openshift.io/v1
kind: RoleBinding
name: system:deployers
namespace: openshift-proj011
uid: 8adc1fc9-90d0-11e9-84df-06ec4392e7f4
@XiuJuan the secret values do not appear in the templateinstance yaml
They show up in the object created by the template ... you need to
a) take the name/value pairs defined in the secret, such as
"stringData": {
"APMID": "OS",
"CODE": "VY02RJ",
"CPU": "2",
"CRQ": "SRTest013",
"DM": "vishwa",
"MEM": "4Gi",
"PROJECT_ADMIN_USER": "tin2933",
"PROJECT_NAME": "openshift-proj011",
"REQUESTER": "tin2933",
"RITM": "openritm013",
"SLA": "basic",
"SRM": "vishwa",
"SZ": "VolvoCI"
}
b) map those keys to template parameters .... take for example "CRQ"
c) then display the yaml for those objects, for example when I 'oc get project openshift-proj011 -o yaml"
I see this label:
crq: SRTest013
That came from the "CRQ": "SRTest013" in the secret.
Give it another go please.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2922 |