+++ This bug was initially created as a clone of Bug #1874192 +++ Cloned to OCS product so that both OCP and OCS products can track the bug properly. Description of problem ====================== When one opens "Create new Backing Store" form and selects "Google cloud storage" as a provider, it's no longer possible to select k8s secret with credentials. User can only select a file with credentials to be loaded. This behavior is unique for GCP platform. For all other cloud storage providers available in this form: - AWS S3 - S3 Compatible - Azure blob - IBM COS The form shows "secret" form field, with an option to switch to credentials mode. I reported this bug based on OCS MCG dev's team evaluation of BZ 1873646: https://bugzilla.redhat.com/show_bug.cgi?id=1873646#c3 Which suggests that user should have both options available (selecting either already created secret or create new one). Version-Release number of selected component ============================================ OCP: 4.5.0-0.ci-2020-08-31-005035 OCS: 4.5.0-543.ci How reproducible ================ 3/3 Steps to Reproduce ================== 1. Install OCP/OCS cluster 2. Open OCP Console, and navigate to OCS operator 3. Go to "Backing Store" tab (where you will see list of backing stores, such as noobaa-default-backing-store) 4. Click on "Create Backing Store" button 5. In "Create new Backing Store" page, for provider select "Google cloud storage" Actual results ============== With "Google cloud storage" as selected provider, it's not possible to chose k8s secret with authentication details for MCG to control the target bucket. Expected results ================ User can specify the credentials for the storage bucket via both: - already existing k8s secret - entering/loading new secret via "credentials" mode as is the case for all other platforms available in this form.
moving out of 4.5 for now
As it was already reported, I don't see harm in keeping it open for tracking the OCP bug. I don't know what's the final decision if to clone or not but up until now, we haven't cloned so I think we can keep it this way.
@Yuval: We will need UX for this request so assigning it to you.
(In reply to Ankush Behl from comment #6) > @Yuval: We will need UX for this request so assigning it to you. ok, I will update the designs.
Created attachment 1730893 [details] changing the Secret Key field when google is selected as provider
it's already fixed in the UI
see the link to the updated designs: https://marvelapp.com/prototype/98070cf/section/1199966
Checking on GCP with: OCP 4.7.0-0.nightly-2021-02-04-132953 OCS 4.7.0-250.ci Verification: - via GCP Console, I created new bucket named "noobaabz1874367bucket" - via OCP Console, I used "Create Backing Store" page to create new noobaa backing store, selecting GCP as a provider, switching to "secret" mode (from original json credentials upload mode) and selecting existing noobaa-gcp-bucket-creds secret, specifying noobaabz1874367bucket as a target bucket - listing backing stores shows both noobaa-default-backing-store and new bz1874367backingstore in Ready state No further verification steps were performed, as noobaa qe team hasn't indicated that it would be necessary during triage. This matches behavior on other platforms, like AWS or Azure. Verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Red Hat OpenShift Container Storage 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2041