Description of problem: When creating multiple bindable APB's (example postgresql and mysql) using the same broker, the second APB's extracted credentials would also have the first's extracted credentials. This would cause the binding secret that the service catalog creates to have extra credentials. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Provision PostgreSQL APB and wait for it to finish 2. Provision MySQL APB and wait for it to finish 3. create a binding between MySQL and another APB Actual results: The secret that is created contains the credentials for PostgreSQL as well as its own credentials Expected results: The secret should only have its credentials Additional info:
Bug fixes with PR: https://github.com/openshift/ansible-service-broker/pull/469
Hi, Shawn I did not see secret contains the credentials for itself and others. I tried that Provision PostgreSQL APB and MySQL APB in defferent projects and in same project. # oc describe secret dh-rhscl-mysql-apb-8243t-credentials-lhem7 Name: dh-rhscl-mysql-apb-8243t-credentials-lhem7 Namespace: test1 Labels: <none> Annotations: <none> Type: Opaque Data ==== MYSQL_PASSWORD: 5 bytes MYSQL_PORT: 4 bytes MYSQL_USER: 5 bytes MYSQL_DATABASE: 5 bytes # oc describe secret dh-rhscl-postgresql-apb-fldxt-credentials-0diao Name: dh-rhscl-postgresql-apb-fldxt-credentials-0diao Namespace: test1 Labels: <none> Annotations: <none> Type: Opaque Data ==== DB_NAME: 5 bytes DB_PASSWORD: 4 bytes DB_PORT: 4 bytes DB_TYPE: 8 bytes DB_USER: 5 bytes DB_HOST: 10 bytes asb image used # docker images REPOSITORY TAG IMAGE ID CREATED SIZE brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888/openshift3/ose-ansible-service-broker v3.7 58314270b158 3 days ago 622.2 MB asbd --version 1.0.7
Does the above prove that the issue is fixed?
Which version has the fix for this bug? If the version has bug fix, and test steps are right, then we are confident that the bug is fixed.
Verified. Fixed. # oc describe secret dh-rhscl-postgresql-apb-ntsn2-credentials-95act Name: dh-rhscl-postgresql-apb-ntsn2-credentials-95act Namespace: wmeng1 Labels: <none> Annotations: <none> Type: Opaque Data ==== DB_TYPE: 8 bytes DB_USER: 5 bytes DB_HOST: 10 bytes DB_NAME: 5 bytes DB_PASSWORD: 20 bytes DB_PORT: 4 bytes [root@preserve-wmeng18-master-etcd-1 ~]# oc describe secret dh-rhscl-mysql-apb-69mjt-credentials-f55dv Name: dh-rhscl-mysql-apb-69mjt-credentials-f55dv Namespace: wmeng1 Labels: <none> Annotations: <none> Type: Opaque Data ==== MYSQL_DATABASE: 5 bytes MYSQL_HOST: 13 bytes MYSQL_PASSWORD: 20 bytes MYSQL_PORT: 4 bytes MYSQL_USER: 5 bytes [root@preserve-wmeng18-master-etcd-1 ~]# sh-4.2$ asbd --version 1.0.10 ansible-service-broker-1.0.10-1.el7.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:3188