Description of problem: It is not possible to log into multiple OCP clusters with the same username using the OCP 4 CLI without having to re-enter credentials every time. Version-Release number of selected component (if applicable): 4.x How reproducible: Always Steps to Reproduce: $ oc login -u user https://openshift.cluster.one:443 Authentication required for https://openshift.cluster.one:443 (openshift) Username: user Password: Login successful. $ oc login -u user https://openshift.cluster.one:443 Logged into https://openshift.cluster.one:443" as "user" using existing credentials $ oc login -u user https://openshift.cluster.two:443 Authentication required for https://openshift.cluster.two:443 (openshift) Username: user Password: Login successful. $ oc login -u user https://openshift.cluster.one:443 Authentication required for https://openshift.cluster.one:443 (openshift) Username: user Password: Login successful. Actual results: Users have to re-enter their credentials every time they try to switch between clusters. Expected results: Users can log in to clusters where they have already entered credentials for. This was the case in OCP 3. Additional info: The OCP 4 CLI does not distinguish between usernames on different OCP clusters. As a result, the user token is overwritten with each log in. Example: - The contents of ~/.kube/config generated by the OCP 4 CLI after logging in to multiple OCP clusters with the same username: ``` ... kind: Config preferences: {} users: - name: user user: - token: jzd-HQB_bY6cIfJhgJhJY53zVzoOw0qnU21kBUTL7lY + token: JAWCHMbOG6TuqCfqe9h5mKqMNqyXcJWwaByeEqHjSsM ... ``` The same file after the same interaction with the OCP 4 CLI: ``` ... kind: Config preferences: {} users: - name: user/openshift.cluster.one:443 user: token: 4lkgcqM7oHP6PDSl_945oMymylib24ZXWNQvnXAsufY - name: user/openshift.cluster.two:443 user: token: aJp4cNXVZNZAn3HdZLV7JcjrJHUXoQcDw5--G3hdS8I ... ``` Can we restore the "old" behaviour?
I’m adding UpcomingSprint, because I was occupied by fixing bugs with higher priority/severity, developing new features with higher priority, or developing new features to improve stability at a macro level. I will revisit this bug next sprint.
*** Bug 1873314 has been marked as a duplicate of this bug. ***
This is in 'VERIFIED' state for a long time, now. Are there any plans to schedule a release?
(In reply to tmicheli from comment #9) > This is in 'VERIFIED' state for a long time, now. Are there any plans to > schedule a release? It'll be part of 4.7 release and that's still in the works. If you're interested it might get released as part of 4.6.z soon, see the dependant bug.
*** Bug 1857202 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633