Bug 1273820 - Command line options should take precedence over configuration file values
Summary: Command line options should take precedence over configuration file values
Keywords:
Status: CLOSED EOL
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: oc
Version: 3.1.0
Hardware: Unspecified
OS: Unspecified
medium
low
Target Milestone: ---
: ---
Assignee: Maciej Szulik
QA Contact: Xingxing Xia
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-10-21 10:27 UTC by Xingxing Xia
Modified: 2019-08-21 08:39 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-21 08:39:20 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Xingxing Xia 2015-10-21 10:27:15 UTC
Description of problem:
When 'oc login --certificate-authority=<CA file>' and then 'oc get bc --insecure-skip-tls-verify', the latter oc operation fails. Reverse the order, it also fails.

Version-Release number of selected component (if applicable):
oc v3.0.2.901-61-g568adb6
kubernetes v1.1.0-alpha.1-653-g86b4e77

How reproducible:
Always.

Steps to Reproduce:
1. Start openshift
2. oc login with CA and create project
$ SERVER=https://openshift-146.lab.eng.nay.redhat.com:8443
$ oc login --server=$SERVER --certificate-authority=openshift.local.config/master/ca.crt -u xxia -p redhat
$ oc new-proj xxia-proj
3. Check the config
$ oc config view
4. Test oc command with --insecure-skip-tls-verify when config uses CA
$ oc get bc --insecure-skip-tls-verify=true

5. oc login with --insecure-skip-tls-verify
1> $ rm -f ~/.kube/config
2> $ oc login --server=$SERVER --insecure-skip-tls-verify=true -u xxia -p redhat
6. Check the config again
$ oc config view
7. Test oc command with CA
$ oc get bc --certificate-authority=openshift.local.config/master/ca.crt

Actual results:
3. The cluster info uses CA
4. Outputs error:
error: specifying a root certificates file with the insecure flag is not allowed

6. The cluster info uses insecure-skip-tls-verify
7. Outputs error:
error: specifying a root certificates file with the insecure flag is not allowed

Expected results:
4. and 7.
Should succeed. Command line options take precedence over configuration file values

Additional info:
Checked step 4 and 7 in Openshift Origin works ok.
Refer to https://docs.openshift.org/latest/cli_reference/manage_cli_profiles.html#loading-and-merging-rules

Comment 2 Maciej Szulik 2019-08-21 08:39:20 UTC
Closing due to age.


Note You need to log in before you can comment on or make changes to this bug.