+++ This bug was initially created as a clone of Bug #1569870 +++ Description of problem: The content in configmap is hard to read and maintain and is error-prone. Version-Release number of the following components: 3.9.41 How reproducible: Always Steps to Reproduce: In some configmaps i got the control character for '\n' inside the vi editor and for exports - Example snippet configMap prometheus: ### apiVersion: v1 data: prometheus.yml: "rule_files": \n ... \"localhost:9093\"\n" kind: configMap ... ### Inside the web-console everything seems to be fine
more specific example of "oc export sts prometheus (oc version 3.9.41) - vi: set lines, set numbers - end of line is: '$' Lines 03 - 120 (starting with data:) are corrupt Lines 26 - 100 are corrupt and cut out ### 1 apiVersion: v1$ 2 data:$ 3 prometheus.yml: "rule_files:\n - '/etc/prometheus/rules/*.rules'\n\n# A scrape$ 4 configuration for running Prometheus on a Kubernetes cluster.\n# This uses separate$ 5 scrape configs for cluster components (i.e. API server, node)\n# and services$ 6 to allow each to use different authentication configs.\n#\n# Kubernetes labels$ 7 will be added as Prometheus labels on metrics via the\n# `labelmap` relabeling$ 8 action.\n\n# Scrape config for API servers.\n#\n# Kubernetes exposes API servers$ 9 as endpoints to the default/kubernetes\n# service so this uses `endpoints` role$ 10 and uses relabelling to only keep\n# the endpoints associated with the default/kubernetes$ 11 service using the\n# default named port `https`. This works for single API server$ 12 deployments as\n# well as HA API server deployments.\nscrape_configs:\n- job_name:$ 13 'etcd'\n scrape_interval: 15s\n scrape_timeout: 5s\n\n static_configs: \n -$ 14 targets: ['host1:2379','host2:2379','host3:2379']\n\n tls_config: \n$ 15 \ cert_file: /etc/etcd/peer.crt \n key_file: /etc/etcd/peer.key\n insecure_skip_verify:$ 16 true\n scheme: https\n\n- job_name: 'kubernetes-apiservers'\n\n kubernetes_sd_configs:\n$ 17 \ - role: endpoints\n\n scheme: https\n tls_config:\n ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt\n$ 18 \ bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n #$ 19 Keep only the default/kubernetes service endpoints for the https port. This\n$ 20 \ # will add targets for each API server which Kubernetes adds an endpoint to\n$ 21 \ # the default/kubernetes service.\n relabel_configs:\n - source_labels: [__meta_kubernetes_namespace,$ 22 __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]\n action:$ 23 keep\n regex: default;kubernetes;https\n\n# Scrape config for controllers.\n#\n#$ 24 Each master node exposes a /metrics endpoint on :8444 that contains operational$ 25 metrics for\n# the controllers.\n#\n\n- job_name: 'kubernetes-controllers'\n\n$ … 101 \ target_label: __name__\n replacement: renamed_$1\n# - source_labels: [__name__]\n#$ 102 \ action: drop\n# regex: 'node_(netstat|vmstat|filesystem|network)_.+'\n$ 103 \ - source_labels: [__name__]\n action: replace\n regex: 'renamed_(.+)'\n$ 104 \ target_label: __name__\n replacement: $1\n # drop any partial expensive$ 105 series\n# - source_labels: [__name__, device]\n# action: drop\n# regex:$ 106 'node_network_.+;veth.+'\n# - source_labels: [__name__, mountpoint]\n# action:$ 107 drop\n# regex: 'node_filesystem_(free|size|device_error);([^/].*|/.+)'\n\n$ 108 \ relabel_configs:\n - source_labels: [__address__]\n regex: '(.*):10250'\n$ 109 \ replacement: '${1}:9100'\n target_label: __address__\n - source_labels:$ 110 [__meta_kubernetes_node_label_kubernetes_io_hostname]\n target_label: __instance__\n$ 111 \ - action: labelmap\n regex: __meta_kubernetes_node_label_(.+)\n\n# Scrape$ 112 config for the template service broker\n#- job_name: 'openshift-template-service-broker'\n#$ 113 \ scheme: https\n# tls_config:\n# ca_file: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt\n#$ 114 \ server_name: apiserver.openshift-template-service-broker.svc\n# bearer_token_file:$ 115 /var/run/secrets/kubernetes.io/serviceaccount/token\n\n# kubernetes_sd_configs:\n#$ 116 \ - role: endpoints\n\n# relabel_configs:\n# - source_labels: [__meta_kubernetes_namespace,$ 117 __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name]\n# action:$ 118 keep\n# regex: openshift-template-service-broker;apiserver;https\n\n\nalerting:\n$ 119 \ alertmanagers:\n - scheme: http\n static_configs:\n - targets:\n -$ 120 \"localhost:9093\""$ 121 kind: ConfigMap$ 122 metadata:$ 123 creationTimestamp: null$ 124 name: prometheus$ ###
This was discussed some time ago during SIG-CLI meeting, currently we only have oc extract to extract contents of config maps or secrets, but there's no reasonable way to apply the modified file back. The proposal from back then is here: https://docs.google.com/document/d/1sw6bpD5Ru7IkTrxZ36sMiBYFlefmyh9XvID-fexPceg/edit For now nothing is happening on that front, I'm going to remove target release on it, for now.
See https://issues.redhat.com/browse/WRKLDS-43