Bug 1739504

Summary: kube-apiserver shouldn't allow upgrades when unsupported feature gate is set until CVO handles it natively
Product: OpenShift Container Platform Reporter: Tomáš Nožička <tnozicka>
Component: InstallerAssignee: Abhinav Dahiya <adahiya>
Installer sub component: openshift-installer QA Contact: Johnny Liu <jialiu>
Status: CLOSED DUPLICATE Docs Contact:
Severity: unspecified    
Priority: unspecified CC: adahiya, aos-bugs, ccoleman, decarr, jialiu, mfojtik, wking
Version: 4.1.0   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1730401 Environment:
Last Closed: 2019-08-26 16:12:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tomáš Nožička 2019-08-09 13:30:42 UTC 
+++ This bug was initially created as a clone of Bug #1730401 +++

Description of problem:

The CVO should block an upgrade of a cluster whose FeatureGate is configured for TechPreviewNoUpgrade when upgrading across minor versions.

Actual results:
The cluster upgrade is not blocked.

Expected results:
The cluster upgrade should be blocked across minor versions.

--- Additional comment from Clayton Coleman on 2019-07-30 13:34:53 UTC ---

This probably needs an API change (and a design) if we put it in the CVO, because we don't want the existing `force` flag to be used for this (that teaches users to run unsecured content).   We can have oc adm upgrade check Upgradeable and bypass if --bypass-tech-preview or similar.

--- Additional comment from W. Trevor King on 2019-08-01 23:57:52 UTC ---

> The cluster upgrade should be blocked across minor versions.

Only minor versions?  The docs [1] say "PREVENTS UPGRADES", which sounds like "no upgrades at all" which would include patch-level changes or anything else that required looking at a different release image.  But maybe we're confident enough in patch-level changes that we don't feel the need to block them?  Personally I don't see a problem forcing users to delete/recreate their cluster after they've set this, even for minor bumps.

> We can have oc adm upgrade check Upgradeable and bypass if --bypass-tech-preview or similar.

Is this something we want to allow people to bypass?  The docs also say this setting "CANNOT BE UNDONE".

[1]: https://github.com/openshift/api/blob/0922aa5a655be314e20a3e0e94f4f2b105100154/config/v1/types_feature.go#L31
Comment 1 Tomáš Nožička 2019-08-09 14:14:03 UTC 
Bad clone. This is about setting Upgradable for kube-apiserver to false when unsupported feature gate is set until there is native support in CVO.
Comment 4 Abhinav Dahiya 2019-08-26 16:12:47 UTC 

*** This bug has been marked as a duplicate of bug 1730401 ***