Origin: oc get --export scc/<name> doesn't work like oc export scc/<name>

Created on 31 Aug 2018  路  7Comments  路  Source: openshift/origin

After recognized the message that "oc export" is deprecated and I should use "oc get --export" I tried it with the command "oc get --export scc/privileged" and get only the description of the scc that would appears also without the option --export

Version

oc v3.10.14
kubernetes v1.10.0+b81c8f8
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server xxx:8443
openshift v3.10.14
kubernetes v1.10.0+b81c8f8

Steps To Reproduce
  1. oc export scc/privileged
  2. oc get --export scc/privileged (or oc get scc/privileged --export)
Current Result

NAME PRIV CAPS SELINUX RUNASUSER FSGROUP SUPGROUP PRIORITY READONLYROOTFS VOLUMES privileged true [*] RunAsAny RunAsAny RunAsAny RunAsAny <none> false [*]

Expected Result
allowHostDirVolumePlugin: true
allowHostIPC: true
allowHostNetwork: true
allowHostPID: true
allowHostPorts: true
allowPrivilegedContainer: true
allowedCapabilities:
- '*'
apiVersion: v1
defaultAddCapabilities: null
fsGroup:
  type: RunAsAny
groups:
- system:cluster-admins
- system:nodes
- system:masters
kind: SecurityContextConstraints
metadata:
....
Additional Information
simaster sisecurity
Source
picture IlonkaO

Most helpful comment

oc get <resource> -o yaml --export is all you need.

picture soltysh on 18 Sep 2018
👍6

All 7 comments

Update:
The challenge is not only for scc. I tried it also for user and deploymentconfig. Always the same issue

IlonkaO picture IlonkaO on 31 Aug 2018

@openshift/sig-master @openshift/sig-security

enj picture enj on 7 Sep 2018

This is expected. Only a few resources have a custom export strategy defined server-side.
For exporting resources it is ultimately better to export all of the data as-is (in a lossless manner), then modify the object at import-time with any specific changes that it needs.

cc @deads2k

juanvallejo picture juanvallejo on 7 Sep 2018

That is correct, besides oc export is deprecated since 3.10 and is slated for removal in the next release. oc get --export is the only available option for now.

soltysh picture soltysh on 7 Sep 2018

I understand your arguments, but in the OpenShift docs would be mentioned that I can export any information like in my example above. And that doesn't work with oc get --export. So the note that oc export is deprecated and I should use oc get --export is not correct!
And I'm wondering where then I can get the relevant information???

IlonkaO picture IlonkaO on 18 Sep 2018

oc get <resource> -o yaml --export is all you need.

soltysh picture soltysh on 18 Sep 2018
👍6

Closing based on discussion

jwforres picture jwforres on 1 Oct 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

nicolaferraro picture nicolaferraro  路  3Comments
slmzig picture slmzig  路  3Comments
smugcloud picture smugcloud  路  5Comments
theone4ever picture theone4ever  路  3Comments
crobby picture crobby  路  4Comments