New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix failed token deletion #194
base: main
Are you sure you want to change the base?
Conversation
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: rev3r4nt The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Hi @rev3r4nt. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
plugins/modules/openshift_auth.py
Outdated
@@ -222,7 +222,7 @@ def get_oauthaccesstoken_objectname_from_token(token_name): | |||
""" | |||
|
|||
sha256Prefix = "sha256~" | |||
content = token_name.strip(sha256Prefix) | |||
content = token_name[len(sha256Prefix):] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should only slice if the string starts with the prefix:
if token_name.startswith(sha256Prefix):
content = token_name[len(sha256Prefix):]
else:
content = token_name
/ok-to-test |
/retest |
@rev3r4nt: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
Stale issues rot after 30d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle rotten |
/remove-lifecycle rotten |
Would love to see this fixed - Using this module with AAP/ACM, it's frustrating having an Automation Template Job fail at the "logout" task randomly |
Randomly, the openshift_auth module exits in error and does not delete the token.
Couldn't delete user oauth access token 'sha256~BmhQbi0TLPGJqA15PdLbbfJesJlQX_208Iv9saVpU2U' due to: useroauthaccesstokens.oauth.openshift.io \"sha256~BmhQbi0TLPGJqA15PdLbbfJesJlQX_208Iv9saVpU2U\" not found
When this happens, the token name does not match the one returned by the Openshift API.
Ansible version: core
2.15.3
Python version:
3.10.8
Collection community.okd version
2.3.0
I discovered that it failed because Python strip method argument is not a prefix or suffix; rather, all combinations of its values are stripped. So if the token begins with a character of the set
sha256~
, the token name is not correctly deducted.