Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-35281

Display of "Auth Token GCP" filter in OperatorHub should be conditioned

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Major Major
    • 4.16.0
    • 4.15.0
    • Management Console
    • None
    • No
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required

      This is a clone of issue OCPBUGS-33756. The following is the description of the original issue:

      Description of problem:

      The "Auth Token GCP" filter in OperatorHub is displayed all the time, but in stead it should be rendered only for GPC cluster that have Manual creadential mode. When an GCP WIF capable operator is installed and the cluster is in GCP WIF mode, the Console should require the user to enter the necessary information about the GCP project, account, service account etc, which is in turn to be injected the operator's deployment via subscription.config (exactly how Azure and AWS STS got implemented in Console)

      Version-Release number of selected component (if applicable):

      4.15

      How reproducible:

      Steps to Reproduce:

          1. On a non-GCP cluster, navigate to OperatorHub
    2. check available filters
    3.

      Actual results:

          "Auth Token GCP" filter is available in OperatorHub

      Expected results:

          "Auth Token GCP" filter should not be available in OperatorHub for a non-GCP cluster. 
    When selecting an operator that supports "Auth token GCP" as indicated by the annotation features.operators.openshift.io/token-auth-gcp: "true" the console needs to, aligned with how it works AWS/Azure auth capable operators, force the user to input the required information to auth against GCP via WIF in the form of env vars that are set up using subscription.config on the operator. The exact names need to come out of https://issues.redhat.com/browse/CCO-574

      Additional info:

      Azure PR - https://github.com/openshift/console/pull/13082
AWS PR - https://github.com/openshift/console/pull/12778

      UI Screen Design can be taken from the existing implementation of the Console support short-lived token setup flow for AWS and Azure described here: https://docs.google.com/document/d/1iFNpyycby_rOY1wUew-yl3uPWlE00krTgr9XHDZOTNo/edit

              jhadvig@redhat.com Jakub Hadvig
              openshift-crt-jira-prow OpenShift Prow Bot
              Xiyun Zhao Xiyun Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: