Bug 1884691 - Installer blocks cloud-credential-operator manual mode on GCP and Azure
Summary: Installer blocks cloud-credential-operator manual mode on GCP and Azure
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.6
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.7.0
Assignee: Matthew Staebler
QA Contact: To Hung Sze
Depends On:
TreeView+ depends on / blocked
Reported: 2020-10-02 17:05 UTC by Devan Goodwin
Modified: 2021-02-24 15:22 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Installer validation does not allow the credentials mode to be manual for GCP and Azure. Consequence: Cannot install using manual credentials on GCP or Azure Fix: Change the installer validation to accept a credentials mode of manual for GCP and Azure. Result: Installation using manual crednetials on GCP and Azure pass validation.
Clone Of:
Last Closed: 2021-02-24 15:22:23 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift installer pull 4238 0 None closed Bug 1884691: types: allow manual cred mode for gcp and azure 2021-02-17 16:14:11 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:22:55 UTC

Internal Links: 1886176

Description Devan Goodwin 2020-10-02 17:05:03 UTC
Thanks for opening a bug report!
Before hitting the button, please fill in as much of the template below as you can.
If you leave out information, it's harder to help you.
Be ready for follow-up questions, and please respond in a timely manner.
If we can't reproduce a bug we might close your issue.
If we're wrong, PLEASE feel free to reopen it and explain why.


$ openshift-install version
openshift-install 4.6.0-fc.8
built from commit 34c35e95e602e3f33a5eddafd00ff00a7c5cf248
release image registry.svc.ci.openshift.org/ocp/release@sha256:ed269ee2de7a6783c8dcb0edcdabd3a81197dbcddac2d189acac1329b67cfc48

Platform: GCP & Azure IPI

What happened?

./openshift-install create cluster --dir=cluster
FATAL failed to fetch Metadata: failed to load asset "Install Config": invalid "install-config.yaml" file: credentialsMode: Unsupported value: "Manual": supported values: "Mint", "Passthrough" 

What did you expect to happen?

GCP & Azure were both tested, QE'd and documented for manual mode, but the installer unfortunately is blocking everything but AWS if using the new InstallConfig.CredentialsMode field, due to a mistake in the cco readme where we did not flag these in the support matrix.

How to reproduce it (as minimally and precisely as possible)?

- openshift-install create install-config --dir=cluster
- specify a GCP cluster (or Azure)
- edit cluster/install-config.yaml and set credentialsMode: "Manual"
- openshift-install create cluster --dir=cluster

Anything else we need to know?

Manual mode is documented for 4.5 using the legacy cloud-credential-operator ConfigMap. 4.6 docs are prepped to change this to using the new format, however this is presently blocked due to the instal-config validation.

Comment 6 wang lin 2020-11-06 07:37:00 UTC
test payload: registry.svc.ci.openshift.org/ocp/release:4.7.0-0.nightly-2020-10-27-051128
The issue has fixed.

test on Azure and GCP
1. Run command 
./openshift-install create install-config
2. edit install-config.yaml and set credentialsMode: "Manual"
3.Create cluster 
./openshift-install create cluster --dir=cluster

Won't hit the issue below
FATAL failed to fetch Metadata: failed to load asset "Install Config": invalid "install-config.yaml" file: credentialsMode: Unsupported value: "Manual": supported values: "Mint", "Passthrough"

Comment 8 To Hung Sze 2021-01-20 20:35:06 UTC
dgoodwin / lwan

Please review this doc bug (especially #3 for incorporating the newly added support for credentialsMode: Manaul covered here):


Comment 10 errata-xmlrpc 2021-02-24 15:22:23 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.