Details
-
Bug
-
Resolution: Not a Bug
-
Undefined
-
None
-
4.15
-
None
-
Important
-
No
-
Rejected
-
False
-
Description
I see that when build and dc capabilities are enabled, builder and deployer sa come up when creating a new project but do not see any secret being attached to it which i feel is a bug since sa with out secret have no use.
Steps to Reproduce:
======================
1. Install 4.15 cluster with `baselineCapabilitySet:None`
2. Once the cluster is installed make sure there are no deployer accounts by running the command `oc get sa -A | grep deployer"
3. Now enable `dc` capability by running the command `oc patch clusterversion/version --type merge -p '{"spec":{"capabilities":
{"additionalEnabledCapabilities":["MachineAPI", "DeploymentConfig"]}}}'`
4. check if the capability has been enabled by running the command `oc get clusterversion version -o jsonpath='{.spec.capabilities}
{"\n"}{.status.capabilities}{"n"}'`
5. wait for the OCMO and OCM pods to be restarted by checking the pod status in `openshift-controller-manager-operator` and `openshift-controller-manager`
6. Now run the command `oc get sa -A | grep deployer` and verify that all deployer sa's comes back
7. Now create a new project using the command `oc new-project <name>`
8. Verify that new project has a `deployer` sa created using the command `oc get sa`, but no secrets attached.
9. Repeat steps from 3 through 7 and verify that `builder` sa has been created, but no secrets attached.
Actual Results:
=============
No secrets attached for both `builder` and `deployer` sa accounts
[knarra@knarra openshift-tests-private]$ oc get sa NAME SECRETS AGE builder 0 3s default 0 3s deployer 0 3s
Expected Results:
================
secrets should be attached for both `builder` and `deployer` sa accounts