Bug 1936904
| Summary: | Wrong output YAML when syncing groups without --confirm | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Sergio G. <sgarciam> |
| Component: | oc | Assignee: | Mike Dame <mdame> |
| Status: | CLOSED ERRATA | QA Contact: | zhou ying <yinzhou> |
| Severity: | low | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.7 | CC: | aos-bugs, jokerman, mdame, mfojtik |
| Target Milestone: | --- | ||
| Target Release: | 4.8.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-07-27 22:51:56 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Related https://github.com/openshift/oc/blob/release-4.7/pkg/cli/admin/groups/sync/sync.go#L420. The group is created as Unstructured. I opened a PR to work on this here: https://github.com/openshift/oc/pull/759 Still need some feedback on an appropriate way to address this, but it is being investigated Follow the case: OCP-40053, can't reproduce the issue now:
[root@localhost ~]# oc adm groups sync --sync-config=/tmp/ssss.yaml -o yaml
apiVersion: user.openshift.io/v1
items:
- metadata:
creationTimestamp: null
users: null
- metadata:
creationTimestamp: null
users: null
- metadata:
creationTimestamp: null
users: null
- apiVersion: user.openshift.io/v1
kind: Group
metadata:
annotations:
openshift.io/ldap.sync-time: 2021-06-11T10:37:3700800
openshift.io/ldap.uid: cn=group1,ou=groups,ou=rfc2307,dc=example,dc=com
openshift.io/ldap.url: 127.0.0.1:59738
creationTimestamp: null
labels:
openshift.io/ldap.host: 127.0.0.1
name: tc509128group1
users:
- person1smith
- person2smith
- person3smith
- person4smith
- person5smith
- apiVersion: user.openshift.io/v1
kind: Group
metadata:
annotations:
openshift.io/ldap.sync-time: 2021-06-11T10:37:3700800
openshift.io/ldap.uid: cn=group2,ou=groups,ou=rfc2307,dc=example,dc=com
openshift.io/ldap.url: 127.0.0.1:59738
creationTimestamp: null
labels:
openshift.io/ldap.host: 127.0.0.1
name: tc509128group2
users:
- person1smith
- person2smith
- person3smith
- apiVersion: user.openshift.io/v1
kind: Group
metadata:
annotations:
openshift.io/ldap.sync-time: 2021-06-11T10:37:3700800
openshift.io/ldap.uid: cn=group3,ou=groups,ou=rfc2307,dc=example,dc=com
openshift.io/ldap.url: 127.0.0.1:59738
creationTimestamp: null
labels:
openshift.io/ldap.host: 127.0.0.1
name: tc509128group3
users:
- person1smith
- person5smith
kind: GroupList
metadata: {}
[root@localhost ~]# oc apply -f /tmp/group.yaml
group.user.openshift.io/tc509128group1 created
group.user.openshift.io/tc509128group2 created
group.user.openshift.io/tc509128group3 created
resource name may not be empty
resource name may not be empty
resource name may not be empty
[root@localhost ~]# oc get groups
NAME USERS
tc509128group1 person1smith, person2smith, person3smith, person4smith, person5smith
tc509128group2 person1smith, person2smith, person3smith
tc509128group3 person1smith, person5smith
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438 |
Description of problem: When syncing groups, the list of groups is not properly created. Each group lacks of apiVersion and Kind fields. How reproducible: Always Actual results: After running a sync, the output YAML is like this one: ---- apiVersion: v1 items: - metadata: annotations: openshift.io/ldap.sync-time: 2021-03-08T07:11:2100100 openshift.io/ldap.uid: gsrlappl_openshift_admin openshift.io/ldap.url: ldapserver.example.local:636 creationTimestamp: null labels: openshift.io/ldap.host: ldapserver.example.local name: GSRLAPPL_Openshift_ADMIN users: - B0640354 - B0640353 - B0638438 - B0638436 kind: List metadata: {} This output is not valid as it lacks of apiVersion and Kind each group, therefore it can't be used with "oc apply -f -". The next error is received: unable to get type info from the object "*unstructured.Unstructured": Object 'Kind' is missing in 'object has no kind field ' But adding the missing fields does the job: $ oc adm groups sync GSRLAPPL_Openshift_ADMIN \ --sync-config=ldap_sync_pl.yml \ -o yaml \ | sed -r -e 's/- metadata:/- kind: Group\n apiVersion: user.openshift.io\/v1\n metadata:/g' \ | oc apply -f - group/GSRLAPPL_Openshift_ADMIN created. Expected results: A valid YAML which can be used with "oc apply -f -": ---- apiVersion: v1 items: - apiVersion: user.openshift.io/v1 kind: Group metadata: annotations: openshift.io/ldap.sync-time: 2021-03-08T07:11:2100100 openshift.io/ldap.uid: gsrlappl_openshift_admin openshift.io/ldap.url: ldapserver.example.local:636 creationTimestamp: null labels: openshift.io/ldap.host: ldapserver.example.local name: GSRLAPPL_Openshift_ADMIN users: - B0640354 - B0640353 - B0638438 - B0638436 kind: List metadata: {}