Description of problem: '*' wildcard isn't accepted as value for 'noProxy' when it is provided in install-config.yaml Version-Release number of the following components: openshift-install 4.5.2 built from commit 6336a4b3d696dd898eed192e4188edbac99e8c27 release image quay.io/openshift-release-dev/ocp-release@sha256:8f923b7b8efdeac619eb0e7697106c1d17dd3d262c49d8742b38600417cf7d1d How reproducible: always Steps to Reproduce: 1. Add in install-config.yaml proxy settings: proxy: httpProxy: http://10.46.41.7:3128 noProxy: "*" 2. Generate ignition files: openshift-install --dir no_proxy create ignition-configs FATAL failed to fetch Kubeconfig Admin Client: failed to load asset "Install Config": invalid "install-config.yaml" file: [proxy: Required value: must include httpProxy or httpsProxy, NoProxy: Invalid value: "*": must be a CIDR or domain, without wildcard characters] Actual results: Command failed with the above output. Expected results: ignition file should be generated successfully Additional info: "*" is considered to be a valid value for noProxy according to https://docs.openshift.com/container-platform/4.5/installing/installing_bare_metal/installing-restricted-networks-bare-metal.html#installation-configure-proxy_installing-restricted-networks-bare-metal "A comma-separated list of destination domain names, domains, IP addresses, or other network CIDRs to exclude proxying. Preface a domain with . to include all subdomains of that domain. Use * to bypass proxy for all destinations." Also, a document bug related to this issue: https://github.com/openshift/openshift-docs/pull/25201
seems like proxies.config.openshift.io/v1 object support this wildcard, so i think the installer can also support this. see https://github.com/openshift/cluster-network-operator/blob/899cff815b2611100eee370cc8e0cdf9b736e1b9/pkg/controller/proxyconfig/validation.go#L64
Reproduced this issue with payload 4.6.0-0.nightly-2020-09-17-195238, noProxy: '*' is not accepted by the installer. Example install-config.yaml: proxy: httpProxy: http://xxx.xx:3128 noProxy: "*" ++ ./openshift-install create manifests --dir '/home/jenkins/workspace/Launch Environment Flexy/workdir/install-dir' level=fatal msg="failed to fetch Master Machines: failed to load asset \"Install Config\": invalid \"install-config.yaml\" file: NoProxy: Invalid value: \"*\": must be a CIDR or domain, without wildcard characters" And on payload 4.6.0-0.nightly-2020-09-20-022022, it accepted '*' now. # oc get proxy cluster -o yaml apiVersion: config.openshift.io/v1 kind: Proxy ... spec: httpProxy: http://xx.xx:3128 noProxy: '*' trustedCA: name: "" status: httpProxy: http://xx.xx:3128 noProxy: '*'
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196
This issue has re-surfaced in 4.7.5 (quay.io/openshift-release-dev/ocp-release:4.7.5-x86_64), was definitely not present in 4.7.2. See also https://bugzilla.redhat.com/show_bug.cgi?id=1947066 Maybe the fix was reverted for some reason, although * seems to be a valid value.
I'm very sorry, it was my mistake. Closing