This issue appears to be due to the fact that the current oc user's permissions is causing the construction of the broker request to fail. At the very least we can patch a fix for 3.7 to print a proper error.

Plan for 3.7.z is to print the correct error for this case.
3.9 is already doing this.

Daniel,

I confirm the `apb list --broker` is worked on the OCP 3.7 cluster for the 1.0.4 version. The usage is that you should add the "ansible-service-broker" strings in the tail of the broker URL, like below:

[root@localhost hello-world-apb]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.0314-p5u.qe.rhcloud.com/ansible-service-broker
ID                                NAME                           DESCRIPTION                          
30ba0018270996447917c32b0d6c4e6b  localregistry-hello-world-apb  deploys hello-world web application  
2c259ddd8059b9bc65081e07bf20058f  rh-mariadb-apb                 Mariadb apb implementation           
03b69500305d9859bb9440d9f9023784  rh-mediawiki-apb               Mediawiki123 apb implementation      
73ead67495322cc462794387fa9884f5  rh-mysql-apb                   Software Collections MySQL APB       
d5915e05b253df421efe6e41fb6a66ba  rh-postgresql-apb              SCL PostgreSQL apb implementation    

[root@localhost hello-world-apb]# rpm -qa | grep apb
apb-1.0.4-1.el7.noarch

For the 1.1.15 version, the users no longer need to add the "ansible-service-broker" strings in the broker URL.

So, no matter the 1.0.4 or the 1.1.15 version, both of them are worked well on the OCP 3.7 cluster.

QE tested both in ocp3.7 + apb 1.0.4 and ocp3.7 + apb 1.1.15, apb list function work well.

There are some usage difference in apb 1.0.4(ocp3.7 released version) and apb 1.1.15:
For apb 1.0.4(for ocp3.7):
You have to add the "ansible-service-broker" strings at the end of broker url, and apb list fail without "--broker" option by expected.

For apb 1.1.15(for ocp3.9) :
You don't need to add "ansible-service-broker" strings at the end of broker url(in another work, should be fine with or without string), and apb list both fine with or without "--broker" option.

Certainly, it is better if developer can patch a fix for 3.7 to print a proper error when user have a wrong usage.

master1: -> apb from ocp channel
master2: -> apb from epel
users:
  - system:admin
  - user1  - cluster admin role
  - user2  - 'normal' user

master1:
********
# yum install apb-1.0.4-1* -y
[root@master-1 ~]# rpm -qa apb
apb-1.0.4-1.el7.noarch
[root@master-1 ~]#

user:system:admin 
------------------
[root@master-1 ~]# apb list
Exception occurred! unsupported operand type(s) for +: 'NoneType' and 'str'
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 

--> seems expected as no token for system:admin



user: user1 (cluster admin role)
--------------------------------
[root@master-1 ~]# apb list
Exception occurred! unsupported operand type(s) for +: 'NoneType' and 'str'
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/
ID                                NAME               DESCRIPTION                        
2c259ddd8059b9bc65081e07bf20058f  rh-mariadb-apb     Mariadb apb implementation         
03b69500305d9859bb9440d9f9023784  rh-mediawiki-apb   Mediawiki123 apb implementation    
73ead67495322cc462794387fa9884f5  rh-mysql-apb       Software Collections MySQL APB     
d5915e05b253df421efe6e41fb6a66ba  rh-postgresql-apb  SCL PostgreSQL apb implementation  
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker
ID                                NAME               DESCRIPTION                        
2c259ddd8059b9bc65081e07bf20058f  rh-mariadb-apb     Mariadb apb implementation         
03b69500305d9859bb9440d9f9023784  rh-mediawiki-apb   Mediawiki123 apb implementation    
73ead67495322cc462794387fa9884f5  rh-mysql-apb       Software Collections MySQL APB     
d5915e05b253df421efe6e41fb6a66ba  rh-postgresql-apb  SCL PostgreSQL apb implementation  
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/
Error: Attempt to list APBs in the broker returned status: 404
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com
Error: Attempt to list APBs in the broker returned status: 404
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 

--> user with cluster role and token, works

user: user2 (normal user)
--------------------------
[root@master-1 ~]# apb list
Exception occurred! Could not find route to ansible-service-broker. Use --broker or log into the cluster using "oc login"
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 
[root@master-1 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-1 ~]# 

--> user w/o access rights, does not work, expected

#####################################################################################################################################################

master2:
********
# wget https://copr.fedorainfracloud.org/coprs/g/ansible-service-broker/ansible-service-broker-latest/repo/epel-7/group_ansible-service-broker-ansible-service-broker-latest-epel-7.repo -O /etc/yum.repos.d/ansible-service-broker.repo
# yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# yum install -y apb
[root@master-2 ~]# rpm -qa apb
apb-1.1.15-1.20180305205029.el7.centos.noarch
[root@master-2 ~]# 


user:system:admin 
------------------
[root@master-2 ~]# apb list
Didn't find OpenShift Ansible Broker route in namespace: ansible-service-broker.                    Trying openshift-ansible-service-broker
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# 
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# 
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# 
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# 


--> seems expected as no token for system:admin


user: user1 (cluster admin role)
--------------------------------
[root@master-2 ~]# apb list
Didn't find OpenShift Ansible Broker route in namespace: ansible-service-broker.                    Trying openshift-ansible-service-broker
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
ID                                NAME               DESCRIPTION                        
2c259ddd8059b9bc65081e07bf20058f  rh-mariadb-apb     Mariadb apb implementation         
03b69500305d9859bb9440d9f9023784  rh-mediawiki-apb   Mediawiki123 apb implementation    
73ead67495322cc462794387fa9884f5  rh-mysql-apb       Software Collections MySQL APB     
d5915e05b253df421efe6e41fb6a66ba  rh-postgresql-apb  SCL PostgreSQL apb implementation  
[root@master-2 ~]# 
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 404
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# 
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
ID                                NAME               DESCRIPTION                        
2c259ddd8059b9bc65081e07bf20058f  rh-mariadb-apb     Mariadb apb implementation         
03b69500305d9859bb9440d9f9023784  rh-mediawiki-apb   Mediawiki123 apb implementation    
73ead67495322cc462794387fa9884f5  rh-mysql-apb       Software Collections MySQL APB     
d5915e05b253df421efe6e41fb6a66ba  rh-postgresql-apb  SCL PostgreSQL apb implementation  
[root@master-2 ~]# 
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
ID                                NAME               DESCRIPTION                        
2c259ddd8059b9bc65081e07bf20058f  rh-mariadb-apb     Mariadb apb implementation         
03b69500305d9859bb9440d9f9023784  rh-mediawiki-apb   Mediawiki123 apb implementation    
73ead67495322cc462794387fa9884f5  rh-mysql-apb       Software Collections MySQL APB     
d5915e05b253df421efe6e41fb6a66ba  rh-postgresql-apb  SCL PostgreSQL apb implementation  
[root@master-2 ~]# 
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
ID                                NAME               DESCRIPTION                        
2c259ddd8059b9bc65081e07bf20058f  rh-mariadb-apb     Mariadb apb implementation         
03b69500305d9859bb9440d9f9023784  rh-mediawiki-apb   Mediawiki123 apb implementation    
73ead67495322cc462794387fa9884f5  rh-mysql-apb       Software Collections MySQL APB     
d5915e05b253df421efe6e41fb6a66ba  rh-postgresql-apb  SCL PostgreSQL apb implementation  
[root@master-2 ~]# 

--> cluster admin role for user works es expected


user: user2 (normal user)
--------------------------
[root@master-2 ~]# apb list 
Exception occurred! Could not find route to ansible-service-broker. Use --broker or log into the cluster using "oc login"
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# apb list --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com
Contacting the ansible-service-broker at: https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/v2/catalog
Error: Attempt to list APBs in the broker returned status: 403
Unable to list APBs in Ansible Service Broker.
[root@master-2 ~]# 

--> expected as user access rights not set



my summary:
- abp from official repos should have improved error message making it easier for users to understand why it is failing

- cosmetig thing:
  - apb from ocp repo :  --broker https://asb-1338-openshift-ansible-service-broker.apps.example.com/ansible-service-broker/  (trailing /) works while it does not for the one from epel, again cosmetic, but at least for me hard to spot ;)

- probably we should improve documentation around this as looking at 
  - https://docs.openshift.com/container-platform/3.7/apb_devel/cli_tooling.html#apb-devel-cli-overview
    as well as 
  - https://docs.openshift.com/container-platform/3.7/apb_devel/writing/getting_started.html#apb-devel-writing-gs-dev-env
  do not mention that --broker is required

I have backported some fixes so that the --broker flag will work as expected without providing the required suffix.

This should fix the 404 errors that Daniel has seen.

https://github.com/ansibleplaybookbundle/ansible-playbook-bundle/pull/245

https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=663785

Changing status to ON_QA since errata image ready for test.

It works well as we expected, LGTM, verified.

version:
[root@host-172-16-120-59 ~]# rpm -qa | grep apb
apb-1.0.5-1.el7.noarch

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:2009