Loading...

XML

Word

Printable

Type: Bug
Resolution: Obsolete
Priority: Undefined
Fix Version/s: None
Affects Version/s: v0.1.0
Component/s: insights-on-prem
Labels:

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Problem Description

The install-authorino.sh script fails when following the documented JWT Authentication Setup workflow because it requires the ros-ocp namespace to exist, but the documented workflow runs install-authorino.sh BEFORE install-helm-chart.sh (which creates the ros-ocp namespace).

This creates a chicken-and-egg problem where the script cannot complete successfully when following the official documentation.

Error Message

[INFO] === Creating Authorino Instance ===
[ERROR] Namespace 'ros-ocp' does not exist
[INFO] Please create the namespace first or set NAMESPACE environment variable
[ERROR] Failed to create Authorino instance

Documented Workflow (from scripts/README.md)

h3. JWT Authentication Setup

h1. 1. Deploy Keycloak/RHSSO
./deploy-rhsso.sh

h1. 2. Deploy Kafka infrastructure
./deploy-strimzi.sh

h1. 3. Deploy Authorino for OAuth2 authentication
./install-authorino.sh    # [-- FAILS HERE: ros-ocp namespace doesn't exist yet

h1. 4. Deploy ROS with JWT authentication
export JWT_AUTH_ENABLED=true
./install-helm-chart.sh   # <-- Creates ros-ocp namespace

Steps to Reproduce

1. Follow the JWT Authentication Setup workflow in scripts/README.md
  2. Run ./install-authorino.sh (step 3)
  3. Script fails because ros-ocp namespace doesn't exist
  4. The namespace is created later in step 4 by ./install-helm-chart.sh

Affected Code

File: scripts/install-authorino.sh, lines 136-141:

h1. Check if namespace exists
if ! oc get namespace "$NAMESPACE" ]/dev/null 2>&1; then
    echo_error "Namespace '$NAMESPACE' does not exist"
    echo_info "Please create the namespace first or set NAMESPACE environment variable"
    return 1
fi

Recommended Fixes

Option 1 (Preferred): Auto-create namespace in install-authorino.sh

h1. Check if namespace exists, create if missing
if ! oc get namespace "$NAMESPACE" >/dev/null 2>&1; then
    echo_info "Namespace '$NAMESPACE' does not exist, creating it..."
    oc create namespace "$NAMESPACE"
    echo_success "Namespace '$NAMESPACE' created"
else
    echo_info "Namespace '$NAMESPACE' already exists"
fi

Option 2: Update documentation to reorder steps:

h1. 3. Create namespace first
oc create namespace ros-ocp

h1. 4. Deploy Authorino for OAuth2 authentication
./install-authorino.sh

h1. 5. Deploy ROS with JWT authentication
export JWT_AUTH_ENABLED=true
./install-helm-chart.sh

Option 3: Update documentation to clarify prerequisite:

h1. 3. Deploy Authorino for OAuth2 authentication
h1. NOTE: Ensure ros-ocp namespace exists first (created by install-helm-chart.sh or manually)
./install-authorino.sh

Workaround

Manually create the namespace before running install-authorino.sh:

oc create namespace ros-ocp
./install-authorino.sh

Environment Information

Repository: ros-helm-chart
Git Branch: main
Git Commit: 7ff078b513b7991f558e212184ed86fae3c6742d
Affected File: scripts/install-authorino.sh (lines 136-141)
Documentation: scripts/README.md (JWT Authentication Setup section)
Affected Version: IOP-POC-0.1
Component: insights-on-prem

Severity

Medium - Script fails when following official documentation, but simple workaround exists. Affects new deployments following JWT authentication setup guide.

Assignee:: Jordi Gil

Reporter:: Chad Crum

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/11/03 9:46 PM

Updated:: 2025/11/30 10:49 AM

Resolved:: 2025/11/24 5:16 PM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates