-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
Major
-
Component/s: oracle-cloud-infrastructure-compute-plugin
-
None
Summary
`BaremetalCloud`'s `@DataBoundConstructor` has no `regionId` parameter. The cloud's OCI client is built with:
factory.createClient(credentialsId, Integer.parseInt(maxAsyncThreads));
(BaremetalCloud.java, `getClient()`)
Since `regionId` is a field on `BaremetalCloudCredentialsImpl`, the effective region is whatever the credential was created with. There is no way to target a different region from the same credential.
Why this is a problem
A typical multi-region QA setup needs N clouds for N regions. Each cloud is visually configured with region-specific OCIDs (AD, subnet, image, VCN). It is natural — and the UI does nothing to contradict
this — to assume the cloud itself represents a region. It does not: the region comes from the credential.
Result: users must duplicate an OCI API credential once per region, even though the user/tenant/fingerprint/private-key are identical. This also means the same API key ends up encrypted multiple times in Jenkins.
Failure mode
When a user configures a cloud with `us-phoenix-1` resources but uses a credential whose `regionId=us-ashburn-1`, the plugin silently saves the cloud and every subsequent API call 404s with:
Error returned by GetSubnet operation in VirtualNetwork service. (404, NotAuthorizedOrNotFound, false)
Request Endpoint: https://iaas.us-ashburn-1.oraclecloud.com/.../subnets/ocid1.subnet.oc1.phx.xxx
(note the endpoint region and the subnet OCID region mismatch)
...causing the template to be disabled with "consecutive provision failures" and the UI dropdowns (Image, Shape, VCN, Subnet) to display as empty because they cannot be resolved from the wrong regional
endpoint.
