origin: `oc whoami` should not return an error when logged out

When no user is logged in to the cluster, oc whoami should return system:anonymous, not an error.

Version
$ oc version
oc v3.7.1+ab0f056
kubernetes v1.7.6+a08f5eeb62
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://192.168.42.245:8443
openshift v3.6.1+008f2d5
kubernetes v1.6.1+5115d708d7
Steps To Reproduce
  1. Logout from the cluster
  2. Run oc whoami
Current Result
$ oc whoami
Error from server (Forbidden): User "system:anonymous" cannot get users.user.openshift.io at the cluster scope
Expected Result
$ oc whoami
system:anonymous

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Comments: 16 (12 by maintainers)

Most upvoted comments

The simple check like if strings.Contains(response.message, “User "system:anonymous" cannot get”) would be sufficient IMHO.

That is precisely the sort of logic we want to avoid baking into our CLI. Strings of error messages are not an API, and that treats it like one.

+1
liggitt on May 29, 2018

I find this “closing the issue” behavior across the entire OpenShift ecosystem very weird. The OP is never communicated as to what exactly is wrong, the discussions are not really transparent and public, the communication is not clear and defaulting to closing the issue is actually very unwelcoming for a community to build. I explained my use case, what is wrong with the use case? Is the suggested behavior suggested not correct? Why is it not correct? Encouraging incorrect user behavior/output due to implementation details and ignoring feedback is not the best way to lead a project IMO. Maybe just me! 🤷‍♂️

+1
concaf on May 28, 2018
Read more comments on GitHub
← origin: oc run doesn't seem to work with imagestream/istag
origin: OCP v3.9.0-0.53.0 "oc cluster up" never finishes →