Bug 1277986

Summary: Need to be able to reconcile new SCCs when upgrading
Product: OKD Reporter: Paul Weil <pweil>
Component: ocAssignee: Paul Weil <pweil>
Status: CLOSED CURRENTRELEASE QA Contact: Wei Sun <wsun>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 3.xCC: aos-bugs, jliggitt, mmccomas, wjiang, xtian
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-23 21:14:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Paul Weil 2015-11-04 13:35:25 UTC
Description of problem:

When upgrading a cluster there needs to be a way to reconcile SCCs that are in the new code against existing cluster SCCs.  This needs to be a cli command.

The command should

1.  Always reconcile the definitions (everything except users, groups, and priority)
2.  Have an option to overwrite users, groups, and priority
3.  Always reconcile nil priorities with new values if set
4.  Show what will be reconciled and not save changes until --confirm is issued

Comment 1 Paul Weil 2015-11-04 13:36:01 UTC
PR https://github.com/openshift/origin/pull/5606

Comment 2 Jordan Liggitt 2015-11-04 22:16:53 UTC
Additionally, an upgrade from 3.0.2 to 3.1 will pick up new default SCCs on server start, but will need a `oadm policy reconcile-sccs --confirm` to update any changed definitions

Comment 3 weiwei jiang 2015-11-05 07:16:30 UTC
Checked with devenv_rhel7_2638, and work well.