Bug 2015306 - list-type missing in oauth.config.openshift.io for identityProviders breaking Server Side Apply [NEEDINFO]
Summary: list-type missing in oauth.config.openshift.io for identityProviders breaking...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: oauth-apiserver
Version: 4.8
Hardware: x86_64
OS: Linux
medium
low
Target Milestone: ---
: 4.9.z
Assignee: Emily Moss
QA Contact: Yash Tripathi
URL:
Whiteboard:
Depends On: 1992592
Blocks: 2040407
TreeView+ depends on / blocked
 
Reported: 2021-10-18 20:32 UTC by OpenShift BugZilla Robot
Modified: 2022-05-02 15:43 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 2040407 (view as bug list)
Environment:
Last Closed: 2022-01-10 08:50:46 UTC
Target Upstream Version:
emoss: needinfo? (surbania)


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift api pull 1036 0 None open [release-4.9] Bug 2015306: Atomic List Type 2021-10-27 08:42:27 UTC
Github openshift cluster-config-operator pull 224 0 None open [release-4.9] Bug 2015306: bump api 2021-12-22 15:00:33 UTC
Red Hat Product Errata RHBA-2022:0029 0 None None None 2022-01-10 08:51:15 UTC

Comment 3 liyao 2021-11-04 06:10:25 UTC
Tested in fresh cluster 4.9.0-0.nightly-2021-11-03-204841

Check the CRD and it's found missing atomic list-type is NOT there, seems it's not bumped, moving to ASSIGNED to double check. 

$ oc get CustomResourceDefinition oauths.config.openshift.io -o yaml | grep -A5 -B5 templates
                      description: type identifies the identity provider type for
                        this entry.
                      type: string
                  type: object
                type: array
              templates:
                description: templates allow you to customize pages like the login
                  page.
                properties:
                  error:
                    description: error is the name of a secret that specifies a go
                      template to use to render error pages during the authentication

Comment 4 Sergiusz Urbaniak 2021-11-08 07:01:12 UTC
reviewed-in-sprint: not enough capacity to work on this bugzilla.

Comment 7 Sergiusz Urbaniak 2021-11-26 07:25:27 UTC
Iā€™m adding UpcomingSprint, because I was occupied by fixing bugs with higher priority/severity, developing new features with higher priority, or developing new features to improve stability at a macro level. I will revisit this bug next sprint.

Comment 11 Yash Tripathi 2021-12-31 00:56:16 UTC
Verified on 4.9.0-0.nightly-2021-12-23-045233 by using the following steps
1. oc get CustomResourceDefinition oauths.config.openshift.io -o yaml | rg "x-kubernetes-list-type"
/**snipped**/
         type:
                      description: type identifies the identity provider type for
                        this entry.
                      type: string
                  type: object
                type: array
                x-kubernetes-list-type: atomic
/**snipped**/
2. cat test.yaml
apiVersion: config.openshift.io/v1
kind: OAuth
metadata:
  name: cluster
  labels:
    test-label: test
  managedFields:
  - manager: kubectl
    operation: Apply
    apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:labels:
          f:test-label: {}
spec:
  tokenConfig:
    accessTokenInactivityTimeout: 400s
secret: "test"
redirectURIs:
 - "http://www.example.com/"
grantMethod: prompt

3. oc apply -f test.yaml

Observation:
The x-kubernetes-list-type: atomic present in oauths.config.openshift.io CRD shows that server-side apply should work, and that is verified by applying the specified manifest

Comment 14 errata-xmlrpc 2022-01-10 08:50:46 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.9.13 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:0029


Note You need to log in before you can comment on or make changes to this bug.