OCPBUGS-77000, OCPBUGS-77013: OLM prompts for GCP Workload Identity parameters during Kiali Operato…#16051
Conversation
|
@cajieh: This pull request references Jira Issue OCPBUGS-77000, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
📝 WalkthroughWalkthroughThe changes refine the TokenAuthGCP feature resolution logic in the operator hub utilities by introducing a 🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches
🧪 Generate unit tests (beta)
Comment |
|
@cajieh: An error was encountered updating to the POST state for bug OCPBUGS-77000 on the Jira server at https://issues.redhat.com/. No known errors were detected, please see the full error message for details. Full error message.
No response returned: Post "https://issues.redhat.com/rest/api/2/issue/17894093/transitions": POST https://issues.redhat.com/rest/api/2/issue/17894093/transitions giving up after 5 attempt(s)
Please contact an administrator to resolve this issue, then request a bug refresh with DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@cajieh: An error was encountered updating to the POST state for bug OCPBUGS-77000 on the Jira server at https://issues.redhat.com/. No known errors were detected, please see the full error message for details. Full error message.
Error marking step #38842851 finished: root cause: Tried to update an entity that does not exist.: request failed. Please analyze the request body for more details. Status code: 400:
Please contact an administrator to resolve this issue, then request a bug refresh with DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@cajieh: This pull request references Jira Issue OCPBUGS-77000, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
…r installation despite no GCP token-auth support
b83ba0e to
1df2b45
Compare
|
@cajieh: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
@cajieh: This pull request references Jira Issue OCPBUGS-77000, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. This pull request references Jira Issue OCPBUGS-77013, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/label acknowledge-critical-fixes-only |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cajieh, jhadvig The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/verified later @yapei |
|
@cajieh: This PR has been marked to be verified later by DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
|
/retest |
|
@cajieh: This pull request references Jira Issue OCPBUGS-77000, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: This pull request references Jira Issue OCPBUGS-77013, which is invalid:
Comment DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
|
@cajieh: This pull request references Jira Issue OCPBUGS-77000, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: This pull request references Jira Issue OCPBUGS-77013, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
No GitHub users were found matching the public email listed for the QA contact in Jira (jiazha@redhat.com), skipping review request. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@cajieh: This pull request references Jira Issue OCPBUGS-77000, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: This pull request references Jira Issue OCPBUGS-77013, which is valid. 3 validation(s) were run on this bug
No GitHub users were found matching the public email listed for the QA contact in Jira (jiazha@redhat.com), skipping review request. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |




Bug:
On GCP Workload Identity Federation (WIF) clusters, the Console incorrectly prompts users for GCP Workload Identity parameters during operator installation (e.g., Kiali Operator), even when the operator explicitly declares it does not support GCP token authentication via
features.operators.openshift.io/token-auth-gcp: "false".Root Cause: The
getInfrastructureFeaturesfunction in operator-hub-utils.ts used inconsistent logic for GCP compared to AWS and Azure:AWS/Azure: Checked !== 'false' (opt-out)
GCP: Only checked if cluster was GCP WIF, ignoring the annotation entirely.
Fix: Changed all three cloud providers to use opt-in logic (
=== 'true') for token authentication feature detection.The `token-auth-{xxx} Annotations behavior change from opt-out to opt-in:
Previously (opt-out): Prompts were shown by default unless explicitly disabled.
Now (opt-in): Prompts are hidden by default unless explicitly enabled.
This prevents irrelevant prompts from appearing when the feature is not supported.
Kiali Operator :
token-auth-GCP="false"Before:
After:
Regression testing
Loki Operator :
token-auth-GCP="true"It would be good to verify this change for AWS and Azure.
cc: @yapei