Bug 1835726

Summary: [aws-ebs-csi-driver-operator] AWS EBS CSI operator does not show errors from CredentialRequests
Product: OpenShift Container Platform Reporter: Jan Safranek <jsafrane>
Component: StorageAssignee: Jan Safranek <jsafrane>
Status: CLOSED ERRATA QA Contact: Chao Yang <chaoyang>
Severity: low Docs Contact:
Priority: low    
Version: 4.5CC: aos-bugs
Target Milestone: ---   
Target Release: 4.5.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-07-13 17:38:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Safranek 2020-05-14 11:53:49 UTC 
How reproducible:
Only once, might be hard to reproduce.

Steps to Reproduce:
1. Install the operator with the default CR

2. Since our shared AWS account exceeded nr. of AWS users, cloud credential operator shows LimitExceeded: Cannot exceed quota for UsersPerAccount: 5000

3. But the CSI driver operator shows only "waiting for cloud credentials secret 
provided by cloud-credential-operator" forever, without any indication what is wrong

Actual results:
$ oc get awsebsdriver -o yaml
  status:
    conditions:
    - lastTransitionTime: "2020-05-14T11:45:08Z"
      message: waiting for cloud credentials secret provided by cloud-credential-operator
      reason: OperatorSync
      status: "True"
      type: Degraded

Expected results:
$ oc get awsebsdriver -o yaml
  status:
    conditions:
    - lastTransitionTime: "2020-05-14T11:45:08Z"
      message: waiting for cloud credentials secret provided by cloud-credential-operator: failed to grant creds: error syncing creds in mint-mode: AWS Error:
      LimitExceeded - LimitExceeded: Cannot exceed quota for UsersPerAccount: 5000\n\tstatus
      code: 409, request id: 0f750904-01cc-4752-a679-1d4c1368389d"
      

The message is a bit ugly, but it's copied from CredentialsRequest.status.conditions.
Comment 3 Jan Safranek 2020-05-20 17:10:24 UTC 
The fix is not ready yet.
Comment 5 Chao Yang 2020-06-11 07:19:23 UTC 
Tested several times but did not meet this issue.
So update as Verified.
Comment 6 errata-xmlrpc 2020-07-13 17:38:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2409