Bug 1743345

Summary:	Uninstalling operator with csv contains the "clusterPermissions" field, related clusterrole, clusterrolebinding and sa can not be deleted
Product:	OpenShift Container Platform	Reporter:	Jeff Peeler <jpeeler>
Component:	OLM	Assignee:	Evan Cordell <ecordell>
OLM sub component:	OLM	QA Contact:	Cuiping HUO <chuo>
Status:	CLOSED ERRATA	Docs Contact:
Severity:	medium
Priority:	high	CC:	bandrade, chezhang, chuo, dyan, ecordell, jfan, scolange
Version:	4.2.0	Keywords:	Regression
Target Milestone:	---
Target Release:	4.2.0
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:	1729385	Environment:
Last Closed:	2019-10-16 06:36:35 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	1729385

Comment 2 Cuiping HUO 2019-08-23 07:09:18 UTC

Verified.
cluster version: 4.2.0-0.nightly-2019-08-22-153337
olm.commit.id: 33c4d969a098c1a32e2a2f3f6ca1a1b417923acb
1.install etcd operator with "Update Channel":"clusterwide-alpha" by web console
$ oc get sub -n openshift-operators
NAME   PACKAGE   SOURCE                CHANNEL
etcd   etcd      community-operators   clusterwide-alpha

$ oc get ip -n openshift-operators
NAME            CSV                               SOURCE   APPROVAL    APPROVED
install-ccxc7   etcdoperator.v0.9.4-clusterwide            Automatic   true

$ oc get csv -n openshift-operators
NAME                              DISPLAY                  VERSION             REPLACES                          PHASE
etcdoperator.v0.9.4-clusterwide   etcd                     0.9.4-clusterwide   etcdoperator.v0.9.2-clusterwide   Succeeded

$ oc get clusterrole | grep etcd
etcdbackups.etcd.database.coreos.com-v1beta2-admin                     18s
etcdbackups.etcd.database.coreos.com-v1beta2-crdview                   17s
etcdbackups.etcd.database.coreos.com-v1beta2-edit                      18s
etcdbackups.etcd.database.coreos.com-v1beta2-view                      17s
etcdclusters.etcd.database.coreos.com-v1beta2-admin                    20s
etcdclusters.etcd.database.coreos.com-v1beta2-crdview                  19s
etcdclusters.etcd.database.coreos.com-v1beta2-edit                     19s
etcdclusters.etcd.database.coreos.com-v1beta2-view                     19s
etcdoperator.v0.9.4-clusterwide-69znr                                  2m24s
etcdrestores.etcd.database.coreos.com-v1beta2-admin                    16s
etcdrestores.etcd.database.coreos.com-v1beta2-crdview                  15s
etcdrestores.etcd.database.coreos.com-v1beta2-edit                     17s
etcdrestores.etcd.database.coreos.com-v1beta2-view                     16s

$ oc get clusterrolebinding | grep etcd
etcdoperator.v0.9.4-clusterwide-69znr-etcd-operator-rrf4x                         3m32s

$ oc get sa -n openshift-operators
NAME            SECRETS   AGE
etcd-operator   2         3m51s

2.uninstall etcd operator by web console
$ oc get sub -n openshift-operators
No resources found.
$ oc get ip -n openshift-operators
No resources found.
$ oc get csv -n openshift-operators
No resources found.

$ oc get clusterrole | grep etcd
$ oc get sa -n openshift-operators
$ oc get clusterrolebinding | grep etcd

Comment 3 errata-xmlrpc 2019-10-16 06:36:35 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2922