Description of problem: when create binding, will create a secret in openshift-ansible-service-broker namespace , the secret is better to add a 'apbAction=bind' label as the provision secret. # oc get secret --show-labels NAME TYPE DATA AGE LABELS 37c6c876-5d90-11e8-8814-0a580a800004 Opaque 1 48s apbAction=provision,apbName=dh-mariadb-apb 547fb66e-5d90-11e8-8814-0a580a800004 Opaque 1 8s <none> Version-Release number of selected component (if applicable): asb 1.2.12 How reproducible: always Steps to Reproduce: 1. provision a apb and create a binding 2. check the secret 3. Actual results: no label for the binding secret . # oc get secret --show-labels NAME TYPE DATA AGE LABELS 37c6c876-5d90-11e8-8814-0a580a800004 Opaque 1 48s apbAction=provision,apbName=dh-mariadb-apb 547fb66e-5d90-11e8-8814-0a580a800004 Opaque 1 8s <none> oc get secret 547fb66e-5d90-11e8-8814-0a580a800004 -o yaml apiVersion: v1 data: credentials: eyJEQl9IT1NUIjoicmhzY2wtbWFyaWFkYiIsIkRCX05BTUUiOiJhZG1pbiIsIkRCX1BBU1NXT1JEIjoiZGRkZCIsIkRCX1BPUlQiOiIzMzA2IiwiREJfVFlQRSI6Im15c3FsIiwiREJfVVNFUiI6ImFkbWluIn0= kind: Secret metadata: creationTimestamp: 2018-05-22T07:18:31Z name: 547fb66e-5d90-11e8-8814-0a580a800004 namespace: openshift-ansible-service-broker resourceVersion: "41767" selfLink: /api/v1/namespaces/openshift-ansible-service-broker/secrets/547fb66e-5d90-11e8-8814-0a580a800004 uid: 54ba420e-5d90-11e8-9843-0e0ea6ba27fc type: Opaque Expected results: add label apbAction=bind,apbName=dh-mariadb-apb Additional info:
https://github.com/automationbroker/bundle-lib/pull/157 A fix for this was actually committed to bundle-lib master a few days before this bz was filed. I noticed an inconsistency with these labels between actions, seeing 'apb{Action,Name}' and 'bundle{Action,Name}' both used. The bundle variant is more correct, so I have applied consistent labels across actions with the above PR.
verify failed. asb: v3.11.0-0.17.0 (1.3.9) the binding credentials in openshift-ansible-service-broker project still doest has label about 'bind' # oc get secret --show-labels NAME TYPE DATA AGE LABELS 42891cbf-a1dc-11e8-9338-0a580a800006 Opaque 1 11m bundleAction=provision,bundleName=aws-postgresql-apb 9b64d37d-a1dd-11e8-9338-0a580a800006 Opaque 1 3m <none> 9b64d37d-a1dd-11e8-9338-0a580a800006 is the secret from binding
There's one particular code path that was missed, here is the fix: https://github.com/openshift/ansible-service-broker/pull/1054
New builds added to advisory: openshift-enterprise-asb-container-v3.11.0-0.20.0.0 openshift-enterprise-apb-tools-container-v3.11.0-0.20.0.0
Verified asb: 1.3.12 # oc get secret --show-labels NAME TYPE DATA AGE LABELS 3eb53e91-aaa1-11e8-9d23-0a580a800006 Opaque 1 2m bundleAction=bind,bundleName=rh-postgresql-apb
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:2652