Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-26512

CCO reports wrong credentials mode in metrics

XMLWordPrintable

    • No
    • False
    • Hide

      None

      Show
      None
    • Hide
      Previously, when the Cloud Credential Operator (CCO) was in default mode, CCO used an incorrect client for root credential queries. The CCO failed to find the intended secret and wrongly reported a `credsremoved` mode in the `cco_credentials_mode` metric. With this release, the CCO now uses the correct client so to ensure accurate reporting of the `cco_credentials_mode` metric. (link:https://issues.redhat.com/browse/OCPBUGS-26512[*OCPBUGS-26512*])
      Show
      Previously, when the Cloud Credential Operator (CCO) was in default mode, CCO used an incorrect client for root credential queries. The CCO failed to find the intended secret and wrongly reported a `credsremoved` mode in the `cco_credentials_mode` metric. With this release, the CCO now uses the correct client so to ensure accurate reporting of the `cco_credentials_mode` metric. (link: https://issues.redhat.com/browse/OCPBUGS-26512 [* OCPBUGS-26512 *])
    • Bug Fix
    • Done

      This is a clone of issue OCPBUGS-26488. The following is the description of the original issue:

      Description of problem:

      CCO reports credsremoved mode in metrics when the cluster is actually in the default mode. 
      See https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/openshift_release/47349/rehearse-47349-pull-ci-openshift-cloud-credential-operator-release-4.16-e2e-aws-qe/1744240905512030208 (OCP-31768). 

      Version-Release number of selected component (if applicable):

      4.16

      How reproducible:

      Always. 

      Steps to Reproduce:

      1. Creates an AWS cluster with CCO in the default mode (ends up in mint)
      2. Get the value of the cco_credentials_mode metric
          

      Actual results:

      credsremoved    

      Expected results:

      mint    

      Root cause:

      The controller-runtime client used in metrics calculator (https://github.com/openshift/cloud-credential-operator/blob/77a68ad01e75162bfa04097b22f80d305c192439/pkg/operator/metrics/metrics.go#L77) is unable to GET the root credentials Secret (https://github.com/openshift/cloud-credential-operator/blob/77a68ad01e75162bfa04097b22f80d305c192439/pkg/operator/metrics/metrics.go#L184) since it is backed by a cache which only contains target Secrets requested by other operators (https://github.com/openshift/cloud-credential-operator/blob/77a68ad01e75162bfa04097b22f80d305c192439/pkg/cmd/operator/cmd.go#L164-L168).

              fxierh Feilian Xie
              openshift-crt-jira-prow OpenShift Prow Bot
              Jianping Shu Jianping Shu
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: