+++ This bug was initially created as a clone of Bug #1969547 +++ Version: 4.8.0-fc.7 The <clusterdeployment name>-admin-kubeconfig secret doesn't get created until the spoke cluster is successfully deployed. Ths makes it harder to debug issues during deployment Steps to reproduce: attempt to deploy a spoke cluster with AI/operator. Try to retrieve the secret with kubeconfig: oc get secret `oc get cd -o custom-columns=:.metadata.name`-admin-kubeconfig -o json|jq -r ".data.kubeconfig"|base64 -d result: Error from server (NotFound): secrets "<clusterdeployment>-admin-kubeconfig" not found Expected result: we should get the secret sooner in order to debug possible issues. --- Additional comment from mfilanov on 20210610T12:04:42 Need to upload the secret twice, once when the installation stars, that will upload the kubeconfig without ingress CA and once again when the installation finish.
FailedQA. Version: quay.io/acm-d/acm-custom-registry:2.3.0-DOWNSTREAM-2021-06-28-15-34-59 HUB: 4.8.0-0.nightly-2021-06-25-182927 spoke: 4.8.0-fc.9-x86_64 oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version False True 16m Working towards 4.8.0-fc.9: 577 of 676 done (85% complete) oc get secret NAME TYPE DATA AGE builder-dockercfg-8f6t9 kubernetes.io/dockercfg 1 24m builder-token-h9btw kubernetes.io/service-account-token 4 24m builder-token-qn97r kubernetes.io/service-account-token 4 24m cluster-installer-dockercfg-r4k5f kubernetes.io/dockercfg 1 23m cluster-installer-token-4h9ck kubernetes.io/service-account-token 4 23m cluster-installer-token-9hnng kubernetes.io/service-account-token 4 23m default-dockercfg-2j8zt kubernetes.io/dockercfg 1 24m default-token-5jrm5 kubernetes.io/service-account-token 4 24m default-token-7l4mp kubernetes.io/service-account-token 4 24m deployer-dockercfg-g4hrt kubernetes.io/dockercfg 1 24m deployer-token-m2grs kubernetes.io/service-account-token 4 24m deployer-token-nz7qs kubernetes.io/service-account-token 4 24m elvis-merged-pull-secret kubernetes.io/dockerconfigjson 1 23m pull-secret kubernetes.io/dockerconfigjson 1 23m sno-bmc-secret Opaque 2 23m oc get AgentClusterInstall -n elvis -o=custom-columns='STATUS:status.conditions[-3].message' STATUS The installation is in progress: Finalizing cluster installation oc get secret NAME TYPE DATA AGE builder-dockercfg-8f6t9 kubernetes.io/dockercfg 1 24m builder-token-h9btw kubernetes.io/service-account-token 4 24m builder-token-qn97r kubernetes.io/service-account-token 4 24m cluster-installer-dockercfg-r4k5f kubernetes.io/dockercfg 1 24m cluster-installer-token-4h9ck kubernetes.io/service-account-token 4 24m cluster-installer-token-9hnng kubernetes.io/service-account-token 4 24m default-dockercfg-2j8zt kubernetes.io/dockercfg 1 24m default-token-5jrm5 kubernetes.io/service-account-token 4 24m default-token-7l4mp kubernetes.io/service-account-token 4 24m deployer-dockercfg-g4hrt kubernetes.io/dockercfg 1 24m deployer-token-m2grs kubernetes.io/service-account-token 4 24m deployer-token-nz7qs kubernetes.io/service-account-token 4 24m elvis-merged-pull-secret kubernetes.io/dockerconfigjson 1 24m pull-secret kubernetes.io/dockerconfigjson 1 24m sno-bmc-secret Opaque 2 23m #only after the cluster is installed we see the secret created oc get AgentClusterInstall -n elvis -o=custom-columns='STATUS:status.conditions[-3].message' STATUS The installation has completed: Cluster is installed oc get secret|grep kubeconfig elvis-admin-kubeconfig Opaque 2 85s
This ticket was not released in downstream yet. QE should follow the releases in https://github.com/open-cluster-management/backlog
Verified with 2.3.0-DOWNSTREAM-2021-07-02-22-02-33 kubeconfig secret is created while the cluster is installing oc get AgentClusterInstall -n sno-0 -o=custom-columns='STATUS:status.conditions[-3].message' STATUS The installation is in progress: Installation in progress oc get secret -n sno-0 |grep kubeconfig sno-0-admin-kubeconfig Opaque 1 12m
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438