Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: OpenShift 4.18 Async, OpenShift 4.20 Freeze, OpenShift 4.19 Async, OpenShift 4.21 Async
Component/s: Distributed Tracing
Labels:

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Intelligence Requested:
Market:

Severity:
Moderate

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

Google Cloud storage with the STS wrong command structure
Here is the documentation link: https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/distributed_tracing/distr-tracing-tempo-installing#setting-up-google-cloud-storage-with-security-token-service_distr-tracing-tempo-installing

Current documentation looks:

SERVICE_ACCOUNT_EMAIL=$(gcloud iam service-accounts create <iam_service_account_name> \  1 
    --display-name="Tempo Account" \
    --project <project_id>  \  2 
    --format='value(email)' \
    --quiet)

$ gcloud projects add-iam-policy-binding <project_id> \
    --member "serviceAccount:$SERVICE_ACCOUNT_EMAIL" \
    --role "roles/storage.objectAdmin"

$ gcloud iam workload-identity-pools create-cred-config \
    "projects/<project_number>/locations/global/workloadIdentityPools/<pool_id>/providers/<provider_id>" \
    --service-account="$SERVICE_ACCOUNT_EMAIL" \
    --credential-source-file=/var/run/secrets/storage/serviceaccount/token \  1 
    --credential-source-type=text \
    --output-file=<output_file_path>  2

In the above commands, the "- " signs are incorrectly placed below the "$" symbol.
However, they should be aligned parallel to the "oc" command, where the command begins.

Here is the updated look for all these code blocks:

SERVICE_ACCOUNT_EMAIL=$(gcloud iam service-accounts create <iam_service_account_name> \  1 
--display-name="Tempo Account" \
--project <project_id>  \  2 
--format='value(email)' \
--quiet)

$ gcloud projects add-iam-policy-binding <project_id> \
  --member "serviceAccount:$SERVICE_ACCOUNT_EMAIL" \
  --role "roles/storage.objectAdmin"

$ gcloud iam workload-identity-pools create-cred-config \
      "projects/<project_number>/locations/global/workloadIdentityPools/<pool_id>/providers/<provider_id>" \
  --service-account="$SERVICE_ACCOUNT_EMAIL" \
  --credential-source-file=/var/run/secrets/storage/serviceaccount/token \1 
  --credential-source-type=text \
  --output-file=<output_file_path>

The commands will work as it is, but the structure is incorrect.
It should be a standard format all over the documentation. Hence, it needs to be changed.
I will raise a PR for this change and it get merged.

links to

openshift/openshift-docs#107640: Fix formatting issues in GCP STS setup documentation

Assignee:: Unassigned

Reporter:: Prithviraj Patil

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2026/02/27 7:02 PM

Updated:: 2026/02/27 7:08 PM