Bug 1908484

Summary: oc adm release extract --cloud=aws --credentials-requests dumps all manifests
Product: OpenShift Container Platform Reporter: Joel Diaz <jdiaz>
Component: ocAssignee: Sally <somalley>
Status: CLOSED ERRATA QA Contact: zhou ying <yinzhou>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.7CC: aos-bugs, jokerman, mfojtik
Target Milestone: ---Keywords: Reopened
Target Release: 4.7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-24 15:45:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Joel Diaz 2020-12-16 20:04:21 UTC 
Description of problem:
oc CLI is supposed to be able to extract all of the CredentialsRequest objects for a given release image.

Runnng 'oc adm release extract --credentials-requests --cloud=aws <release image here>' with 'oc' version '4.7.0-0.nightly-2020-12-14-165231' results in what appears to be all of the manifests from a release being placed in the current directory.

Running the same command with 'oc' version '4.6.8' results in printing all of the CredentialsRequest objects for platform AWS to stdout.

Version-Release number of selected component (if applicable):
4.7.0-0.nightly-2020-12-14-165231

How reproducible:
100%

Steps to Reproduce:
1. Download a recent build of the oc CLI.
2. ./oc adm release extract --credentials-requests --cloud=aws registry.svc.ci.openshift.org/ocp/release:4.7.0-0.ci-2020-12-14-114546
3.

Actual results:
Many, many yaml files placed in current working directory.

Expected results:
Print to stdout all of the CredentialsRequest objects for AWS for the specified release image.

Additional info:
Comment 1 Maciej Szulik 2020-12-17 09:43:26 UTC 
This is expected change that landed in 4.7, see https://bugzilla.redhat.com/show_bug.cgi?id=1853116 and https://github.com/openshift/oc/pull/482 for details.
Comment 2 Joel Diaz 2020-12-17 15:26:52 UTC 
I see that printing to stdout is gone. But still when I pass the '--credentials-requests' param to the 'extract' subcommand it appears that the oc CLI is dumping *all content*.

[jdiaz@minigoomba oc47]$ ./oc version
Client Version: 4.7.0-0.nightly-2020-12-14-165231
Kubernetes Version: v1.11.0+d4cacc0

[jdiaz@minigoomba oc47]$ ls credreqs  # EMPTY DIR
ls: cannot access 'credreqs': No such file or directory

[jdiaz@minigoomba oc47]$ ./oc adm release extract registry.svc.ci.openshift.org/ocp/release:4.7.0-0.nightly-2020-12-14-165231 --credentials-requests --cloud=aws --to ./credreqs
[jdiaz@minigoomba oc47]$ ls ./credreqs/ | wc -l  # 476 manifests extracted
476
[jdiaz@minigoomba oc47]$
Comment 4 zhou ying 2021-01-11 12:36:04 UTC 
Confirmed with latest oc client , the issue has fixed:

[root@preserver-workloadrhel-1 ext2]# oc version 
Client Version: 4.7.0-0.nightly-2021-01-10-070949
Kubernetes Version: v1.19.0+d59ce34

[root@preserver-workloadrhel-1 ext2]# oc adm release extract --credentials-requests --cloud=aws registry.ci.openshift.org/ocp/release:4.7.0-0.nightly-2021-01-10-070949
[root@preserver-workloadrhel-1 ext2]# ls |wc -l 
5


Compared with the older oc : 
[root@preserver-workloadrhel-1 ~]# oc version 
Client Version: 4.7.0-202012041716.p0-db6b7f1

[root@preserver-workloadrhel-1 ext]# oc adm release extract --credentials-requests --cloud=aws registry.ci.openshift.org/ocp/release:4.7.0-0.nightly-2021-01-10-070949
[root@preserver-workloadrhel-1 ext]# ls |wc -l
474
Comment 7 errata-xmlrpc 2021-02-24 15:45:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633