Bug 1954152

Summary:	in-cluster operators need an API for additional AWS tags
Product:	OpenShift Container Platform	Reporter:	OpenShift BugZilla Robot <openshift-bugzilla-robot>
Component:	Installer	Assignee:	Matthew Staebler <mstaeble>
Installer sub component:	openshift-installer	QA Contact:	Pedro Amoedo <pamoedom>
Status:	CLOSED ERRATA	Docs Contact:
Severity:	urgent
Priority:	urgent
Version:	4.8
Target Milestone:	---
Target Release:	4.7.z
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-05-19 15:16:51 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	1950113
Bug Blocks:

Comment 4 Pedro Amoedo 2021-04-30 12:43:57 UTC

[QA Summary]

[Installer Version]

~~~
$ ./openshift-install version
./openshift-install 4.7.0-0.nightly-2021-04-30-074750
built from commit 8452b42b403f9ebd6f1499f70cdff5765e64d59e
release image registry.ci.openshift.org/ocp/release@sha256:5f5a13bcf4341f548e89dae2ba443efd42fc5e47e3793cbc8d0ce37d0d62b444

$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.7.0-0.nightly-2021-04-30-074750   True        False         5m41s   Cluster version is 4.7.0-0.nightly-2021-04-30-074750
~~~

[Installer Parameters]

~~~
platform:
  aws:
    region: eu-west-3
    userTags:
      adminContact: pamoedo
      costCenter: 1981
      customTag: test
    experimentalPropagateUserTags: true
~~~

[Infra Resource Tags]

~~~
$ oc get infrastructures.config.openshift.io -o yaml | grep -A6 " resourceTags"
        resourceTags:
        - key: adminContact
          value: pamoedo
        - key: costCenter
          value: "1981"
        - key: customTag
          value: test
~~~

[Additional Checks]

The tags are still present in the rest of resources created by the installer, including also the volumes, for example:

~~~
$ aws ec2 describe-tags | grep customTag
TAGS	customTag	subnet-02295bb0eee17f264	subnet	test
TAGS	customTag	subnet-03194e9ff8e02e7f1	subnet	test
TAGS	customTag	subnet-060cc7b3b7897feda	subnet	test
TAGS	customTag	subnet-0b938f8e5350206bd	subnet	test
TAGS	customTag	subnet-0e0fa20e90bd49184	subnet	test
TAGS	customTag	subnet-0eded8680657b56af	subnet	test
TAGS	customTag	igw-0ed94dcb0fcb95ce7	internet-gateway	test
TAGS	customTag	sg-018943fad9b64a2b8	security-group	test
TAGS	customTag	sg-095549a9daf2086d6	security-group	test
TAGS	customTag	sg-0d2967f7861f3c8b8	security-group	test
TAGS	customTag	dopt-0eca553d67cbfd1e5	dhcp-options	test
TAGS	customTag	vpc-090e28d87d4ebc92d	vpc	test
TAGS	customTag	nat-027fe4ead0ea3efec	natgateway	test
TAGS	customTag	nat-0771eb0bbb0567951	natgateway	test
TAGS	customTag	nat-09387b7425e7bac19	natgateway	test
TAGS	customTag	nat-0c8ecc18d8082e5bd	natgateway	test
TAGS	customTag	nat-0dd35c3470adf784e	natgateway	test
TAGS	customTag	nat-0f0bfb756272c91f0	natgateway	test
TAGS	customTag	nat-0f40acb3d42c4bc10	natgateway	test
TAGS	customTag	nat-0f4cce1a722c762d0	natgateway	test
TAGS	customTag	vpce-044cc90d8c6d47d2a	vpc-endpoint	test
TAGS	customTag	vpce-04ed82e171d57ae4a	vpc-endpoint	test
TAGS	customTag	i-01cb2de3d464761ee	instance	test
TAGS	customTag	i-023f0c5327d8543b1	instance	test
TAGS	customTag	i-04668d5bfa1306f0c	instance	test
TAGS	customTag	i-0502747b2ad0d1fb0	instance	test
TAGS	customTag	i-083b410b6f5e1cfd5	instance	test
TAGS	customTag	i-085bf22d3d48dd08a	instance	test
TAGS	customTag	i-0a7f160c995511b6c	instance	test
TAGS	customTag	i-0aa5744c1adcf11cc	instance	test
TAGS	customTag	i-0ae129bb9a87a88aa	instance	test
TAGS	customTag	i-0b293cd3c99f908c2	instance	test
TAGS	customTag	vol-02f6f4dabe825f19e	volume	test
TAGS	customTag	vol-0527a2e81d0bd9e97	volume	test
TAGS	customTag	vol-05b21bd8bec942439	volume	test
TAGS	customTag	vol-06fa7b6ff554459be	volume	test
TAGS	customTag	vol-09a0c591668f7eccc	volume	test
TAGS	customTag	vol-0a3a7c3430d2b5ffd	volume	test
TAGS	customTag	vol-0b038d1deb0beae4c	volume	test
TAGS	customTag	vol-0b71a17063309dd2e	volume	test
TAGS	customTag	eni-04feda97813d590b9	network-interface	test
TAGS	customTag	eni-0758bb4f08dda43d9	network-interface	test
TAGS	customTag	eni-0e3c99eb2233c0373	network-interface	test
TAGS	customTag	rtb-0017a206788d539f3	route-table	test
TAGS	customTag	rtb-0a118306fec273ec5	route-table	test
TAGS	customTag	rtb-0bfb44ce0514994f0	route-table	test
TAGS	customTag	rtb-0eab4db94f0fdd978	route-table	test
TAGS	customTag	rtb-0f544df178ef21849	route-table	test
TAGS	customTag	eipalloc-0441a32f52f1d3991	elastic-ip	test
TAGS	customTag	eipalloc-05000e0c849ceec68	elastic-ip	test
TAGS	customTag	eipalloc-06a6f480cf59c4cbc	elastic-ip	test
~~~

Best Regards.

Comment 6 Siddharth Sharma 2021-05-10 17:59:44 UTC

This bug will be shipped as part of next z-stream release 4.7.11 on May 19th, as 4.7.10 was dropped due to a blocker https://bugzilla.redhat.com/show_bug.cgi?id=1958518.

Comment 10 errata-xmlrpc 2021-05-19 15:16:51 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.7.11 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:1550