Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-23071

inpect collections of resources is reported as an error (not a warning)

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done-Errata
    • Minor
    • 4.15.0
    • 4.13.z, 4.12.z, 4.11.z, 4.14.z
    • oc
    • None
    • No
    • False
    • Hide

      None

      Show
      None
    • NA
    • Release Note Not Required
    • In Progress

    Description

      As part of this slack thread.

      Description of problem:

      When SRE collects data using `oc adm inspect`; the collection reports an error on 'secrets' (see below). This is because of the way SRE manages our hosted platforms, and the SRE users (service accounts) are not 'true admins' and must impersonate admins to preform operations. 
      $ oc adm inspect --dest-dir=must-gather ns/openshift-sdn

Gathering data for ns/openshift-sdn...
...
Wrote inspect data to must-gather.
error: errors occurred while gathering data:
    secrets is forbidden: User "system:serviceaccount:openshift-backplane-srep:f2b5cf795ef1fc5289490411d49ab042" cannot list resource "secrets" in API group "" in the namespace "openshift-sdn"

      At the end of the day; the 'error' here is 'erroneous' (not a true error) but more of a warning, telling user that a specific object wasn't collected. 

      Attachments

        Issue Links

          links to

          GitHub openshift/oc#1601: OCPBUGS-23071: Mention inspection completion in the error message

          Web Link RHSA-2023:7198 OpenShift Container Platform 4.15 security update

          Activity

            People

              aguclu@redhat.com Arda Guclu
              rhn-support-edrich Eric Rich
              ying zhou ying zhou
              Tomas Dabasinskas
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: