Bug 1825997
| Summary: | [OCP 4.4][NMO] Create NMO with invalid nodeName successfully creates a nodmaintance object. | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | gharden |
| Component: | Node Maintenance Operator | Assignee: | Marc Sluiter <msluiter> |
| Status: | CLOSED ERRATA | QA Contact: | gharden |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 4.4 | CC: | abeekhof, aos-bugs, gharden, mlammon, rhhi-next-mgmt-qe, tjelinek |
| Target Milestone: | --- | Keywords: | Triaged |
| Target Release: | 4.6.0 | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| URL: | https://github.com/kubevirt/node-maintenance-operator/pull/77 | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-10-27 15:58:26 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
gharden
2020-04-20 16:34:13 UTC
After a discussion with Andrew Beekhof, targeting 4.5 we would have to add an admission webhook to check for the validity of the node name prior to creating the CRD object. Is that worth the effort? I mean why isn't it enough to allow creation of CRD object with an error value set on the CRD object? PR https://github.com/kubevirt/node-maintenance-operator/pull/77 has been submitted to address the problem and is up for review. the reviewers didn't like my PR, I have to redo it using a different mechanism (olm sdk). Now the task is stalled as we have to swap all of our dependencies to a newer set of dependencies that support this approach. Working on https://github.com/kubevirt/node-maintenance-operator/pull/84 to add webhook via olm (operator lifecycle manager); Now working on validating the fix and adding e2e testing for that case. Current status: the e2e tests work when the OLM test environment is built from the OLM sourcs for os4.5, as the current OLM v0.15.1 version has a bug that has been fixed in the sources of the project. Now waiting for the proper OLM to continue. Version: 4.6.0-0.nightly-2020-08-24-110601 cat << 'EOF' >> invalid_host_maintenance_test.yaml apiVersion: nodemaintenance.kubevirt.io/v1beta1 kind: NodeMaintenance metadata: name: invalid-node spec: nodeName: invalid-node reason: "Test node maintenance for invalid-node" EOF [root@sealusa8 ~]# cat invalid_host_maintenance_test.yaml apiVersion: nodemaintenance.kubevirt.io/v1beta1 kind: NodeMaintenance metadata: name: invalid-node spec: nodeName: invalid-node reason: "Test node maintenance for invalid-node" [root@sealusa8 ~]# oc create -f invalid_host_maintenance_test.yaml Error from server (invalid nodeName, no node with name invalid-node found): error when creating "invalid_host_maintenance_test.yaml": admission webhook "nodemaintenance-validation.kubevirt.io" denied the request: invalid nodeName, no node with name invalid-node found [root@sealusa8 ~]# Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196 |