-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.17
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
Moderate
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
ccoctl tool produces scripts when run with the --dry-run option. These scrips contain errors.
Version
Openshift Version 4.17.12
How reproducible:
Always
Steps to Reproduce:
# extract the ccoctl tool from the release image per the docs.
# use the ccotcl tool
# Create Key Pair
ccoctl gcp create-key-pair --output-dir workloadfederation_dryrun/
# Create identity pool and provider and service accounts.
export PROJECT=openenv-d9nq6
ccoctl gcp create-workload-identity-pool --name $PROJECT --project $PROJECT \
--output-dir workloadfederation_dryrun --dry-run
ccoctl gcp create-workload-identity-provider --name $PROJECT \
--project $PROJECT --output-dir workloadfederation_dryrun --dry-run \
--workload-identity-pool $PROJECT --region europe-west3 \
--public-key-file workloadfederation_dryrun/serviceaccount-signer.public
ccoctl gcp create-service-accounts --credentials-requests-dir credentialrequests \
--dry-run --name $PROJECT --project $PROJECT \
--output-dir workloadfederation_dryrun \
--workload-identity-pool $PROJECT --workload-identity-provider $PROJECT}}
Actual results:
Scripts are created in the output. These are not complete and contain errors.
1. There is a script missing to upload the jwks key file to the bucket.
2. The scripts to create the custom role do not work. (Syntax error on the gcloud command)
3. Some scripts need editing to work.
Expected results:
Additional info:
