Description of problem: The definition of identityProviders in oauth.config.openshift.io is missing the list-type and list-map-keys to allow Server Side Apply. Server Side Apply is key functionality to allow proper usage of GitOps with tools such as OpenShift GitOps, kustomize or even ansible with k8s module. See reference in https://github.com/openshift/cluster-authentication-operator/blob/release-4.8/vendor/github.com/openshift/api/config/v1/types_oauth.go#L31 Version-Release number of selected component (if applicable): - OpenShift Container Platform 4.8.4 How reproducible: - Always Steps to Reproduce: 1. It's missing in the code in https://github.com/openshift/cluster-authentication-operator/blob/release-4.8/vendor/github.com/openshift/api/config/v1/types_oauth.go#L31 and thus Server Side Apply won't work Actual results: Server Side Apply can't be used to manage oauth.config.openshift.io Expected results: It should be possible to configure oauth.config.openshift.io with Server Side Apply once list-type and list-map-keys are set. Additional info: This bug is based on the conversation in https://issues.redhat.com/browse/RFE-2071
lowering severity as we have no degradation in cluster functionality.
sprint review: this bug is well understood, triaged and will be implemented. currently unplanned though.
Tested in fresh cluster 4.10.0-0.nightly-2021-10-25-190146 Check the CRD and it's found missing atomic list-type is there, moving to VERIFIED. $ oc get CustomResourceDefinition oauths.config.openshift.io -o yaml /**snipped**/ type: description: type identifies the identity provider type for this entry. type: string type: object type: array x-kubernetes-list-type: atomic templates: description: templates allow you to customize pages like the login page. /**snipped**/
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056