Loading...

XML

Word

Printable

Type: Bug
Resolution: Can't Do
Priority: Critical
Fix Version/s: None
Affects Version/s: 4.15
Component/s: Cloud Credential Operator
Labels:
- gcp

Regression:
No
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

Cloud credential operator throws an error when trying to mint gcp credentials using a custom role which has been deleted.

Version-Release number of selected component (if applicable):

4.15

How reproducible:

When role is in a deleted state.

Steps to Reproduce:

    1. Create a gcp cluster with one of the custom roles deleted.
    2.
    3.

Actual results:

cloud-credential-operator throws the following error:
2023-12-07T15:51:15.027808933Z time="2023-12-07T15:51:15Z" level=error msg="error syncing creds in mint-mode" actuator=gcp cr=openshift-cloud-credential-operator/openshift-cloud-network-config-controller-gcp error="error creating custom role: rpc error: code = FailedPrecondition desc = You can't create a role_id (x_openshiftcloudnetworkconfigcont) which has been marked for deletion."

Expected results:

The role should be (re)enabled and no error.

Additional info:

blocks

SDN-4158 Update GCP Credentials Request manifest of the Cluster Network Operator to use new API field for requesting permissions

Closed

is related to

CCO-285 GCP openshift role granularity enhancement - phase 2

Closed

OCPSTRAT-243 Custom roles for GCP Workload Identity

Closed

Assignee:: Jeremiah Stuever

Reporter:: Jeremiah Stuever

QA Contact:: Jianping Shu

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/12/07 8:47 PM

Updated:: 2023/12/19 2:38 PM

Resolved:: 2023/12/07 9:24 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Hide