Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1500934 - When broker is deployed to a namespace other than ansible-service-broker, secret lookup fails
When broker is deployed to a namespace other than ansible-service-broker, sec...
Status: CLOSED ERRATA
Product: OpenShift Container Platform
Classification: Red Hat
Component: Service Broker (Show other bugs)
3.7.0
Unspecified Unspecified
unspecified Severity high
: ---
: 3.7.0
Assigned To: Erik Nelson
Zhang Cheng
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-10-11 15:07 EDT by Fabian von Feilitzsch
Modified: 2018-04-05 05:30 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: No Doc Update
Doc Text:
undefined
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-04-05 05:29:37 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:0636 None None None 2018-04-05 05:30 EDT

  None (edit)
Description Fabian von Feilitzsch 2017-10-11 15:07:18 EDT 
Description of problem:
The secret lookup is hardcoded to the ansible-service-broker namespace. It needs to be dynamically loaded so that the broker can be deployed to arbitrary namespaces

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 3 Zhang Cheng 2017-10-17 04:36:03 EDT 
Which method of deploy asb? By template or by ansible installer?
Could you provide a reproduce steps? Thanks.
Comment 4 Zhang Cheng 2017-10-20 05:14:50 EDT 
Fabian, Could you provide a reproduce steps? Thanks.
Comment 5 Zhang Cheng 2017-10-23 22:20:48 EDT 
John, this card lack enough info to verify for QE, could you help confirm and provide? Thanks.
Comment 6 Fabian von Feilitzsch 2017-10-27 13:24:30 EDT 
To test:

1. Install and deploy the broker to a namespace other than ansible-service-broker, for example openshift-ansible-service-broker (which is where the openshift-ansible installer would put it)
2. Create a secret named testsecret containing 
    postgresql_user: test
    postgresql_password: testpass
3. Add a secrets section to the broker config containing:
      secrets:
      - apb_name: dh-rhscl-postgresql-apb
        secret: test
        title: test
   (if you aren't pulling the apbs from dockerhub you may need to change the apb_name to match what is in y our broker)
4. Attempt to deploy the rhscl-postgresql-apb

If the deployment doesn't fail with an error saying that the secret wasn't found in the ansible-service-broker namespace then it worked
Comment 7 Zhang Cheng 2017-10-30 05:20:12 EDT 
I will verify after BZ https://bugzilla.redhat.com/show_bug.cgi?id=1496426 is merged.
Comment 8 Zhang Cheng 2017-11-02 06:27:05 EDT 
Verified and passed. Testing base on steps in comment6 with latest image v3.7.0-0.189.0.0
Comment 12 errata-xmlrpc 2018-04-05 05:29:37 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0636
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.