Bug 1908484 - oc adm release extract --cloud=aws --credentials-requests dumps all manifests
Summary: oc adm release extract --cloud=aws --credentials-requests dumps all manifests
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: oc
Version: 4.7
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.7.0
Assignee: Sally
QA Contact: zhou ying
Depends On:
TreeView+ depends on / blocked
Reported: 2020-12-16 20:04 UTC by Joel Diaz
Modified: 2021-02-24 15:45 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2021-02-24 15:45:31 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift oc pull 687 0 None closed Bug 1908484: credentials-requests extract only write creds requests not all manifests 2021-01-22 16:18:29 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:45:53 UTC

Description Joel Diaz 2020-12-16 20:04:21 UTC
Description of problem:
oc CLI is supposed to be able to extract all of the CredentialsRequest objects for a given release image.

Runnng 'oc adm release extract --credentials-requests --cloud=aws <release image here>' with 'oc' version '4.7.0-0.nightly-2020-12-14-165231' results in what appears to be all of the manifests from a release being placed in the current directory.

Running the same command with 'oc' version '4.6.8' results in printing all of the CredentialsRequest objects for platform AWS to stdout.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Download a recent build of the oc CLI.
2. ./oc adm release extract --credentials-requests --cloud=aws registry.svc.ci.openshift.org/ocp/release:4.7.0-0.ci-2020-12-14-114546

Actual results:
Many, many yaml files placed in current working directory.

Expected results:
Print to stdout all of the CredentialsRequest objects for AWS for the specified release image.

Additional info:

Comment 1 Maciej Szulik 2020-12-17 09:43:26 UTC
This is expected change that landed in 4.7, see https://bugzilla.redhat.com/show_bug.cgi?id=1853116 and https://github.com/openshift/oc/pull/482 for details.

Comment 2 Joel Diaz 2020-12-17 15:26:52 UTC
I see that printing to stdout is gone. But still when I pass the '--credentials-requests' param to the 'extract' subcommand it appears that the oc CLI is dumping *all content*.

[jdiaz@minigoomba oc47]$ ./oc version
Client Version: 4.7.0-0.nightly-2020-12-14-165231
Kubernetes Version: v1.11.0+d4cacc0

[jdiaz@minigoomba oc47]$ ls credreqs  # EMPTY DIR
ls: cannot access 'credreqs': No such file or directory

[jdiaz@minigoomba oc47]$ ./oc adm release extract registry.svc.ci.openshift.org/ocp/release:4.7.0-0.nightly-2020-12-14-165231 --credentials-requests --cloud=aws --to ./credreqs
[jdiaz@minigoomba oc47]$ ls ./credreqs/ | wc -l  # 476 manifests extracted
[jdiaz@minigoomba oc47]$

Comment 4 zhou ying 2021-01-11 12:36:04 UTC
Confirmed with latest oc client , the issue has fixed:

[root@preserver-workloadrhel-1 ext2]# oc version 
Client Version: 4.7.0-0.nightly-2021-01-10-070949
Kubernetes Version: v1.19.0+d59ce34

[root@preserver-workloadrhel-1 ext2]# oc adm release extract --credentials-requests --cloud=aws registry.ci.openshift.org/ocp/release:4.7.0-0.nightly-2021-01-10-070949
[root@preserver-workloadrhel-1 ext2]# ls |wc -l 

Compared with the older oc : 
[root@preserver-workloadrhel-1 ~]# oc version 
Client Version: 4.7.0-202012041716.p0-db6b7f1

[root@preserver-workloadrhel-1 ext]# oc adm release extract --credentials-requests --cloud=aws registry.ci.openshift.org/ocp/release:4.7.0-0.nightly-2021-01-10-070949
[root@preserver-workloadrhel-1 ext]# ls |wc -l

Comment 7 errata-xmlrpc 2021-02-24 15:45:31 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.