Bug 1821447

Summary: If Upgradeable is False due to default SCC mutation, we should provide better messaging to resolve the issue
Product: OpenShift Container Platform Reporter: Abu Kashem <akashem>
Component: kube-apiserverAssignee: Abu Kashem <akashem>
Status: CLOSED ERRATA QA Contact: Ke Wang <kewang>
Severity: high Docs Contact:
Priority: high    
Version: 4.3.0CC: aos-bugs, jkaur, mfojtik, mharri, nagrawal, sttts, xxia
Target Milestone: ---   
Target Release: 4.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1818893
: 1821448 (view as bug list) Environment:
Last Closed: 2020-05-04 11:48:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1818893    
Bug Blocks: 1821448    

Comment 1 Abu Kashem 2020-04-06 20:25:20 UTC 
This is not an issue in 4.4, since CVO manages the default SCC. It's not reproducible in 4.4, but qe can mutate any default SCC and validate 
- this bug is not present, no DefaultSecurityContextConstraints_Mutated in `Upgradeable` condition.
- CVO will stomp the changes made to the default SCC.
Comment 4 Stefan Schimanski 2020-04-09 11:37:58 UTC 
Nothing to check here for QE. Moving to VERIFIED.
Comment 6 errata-xmlrpc 2020-05-04 11:48:34 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581