Bug 1853585
Summary: | [OCP V45] ComplianceSuite & ComplianceScan should report some result if the nodeSelector is not matching | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Prashant Dhamdhere <pdhamdhe> |
Component: | Compliance Operator | Assignee: | Juan Antonio Osorio <josorior> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Prashant Dhamdhere <pdhamdhe> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4.5 | CC: | josorior, mrogers, nkinder, xiyuan |
Target Milestone: | --- | ||
Target Release: | 4.6.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-09-21 09:02:32 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Prashant Dhamdhere
2020-07-03 08:50:17 UTC
This looks good now, The ComplianceSuite & ComplianceScan show the scan result is NOT-APPLICABLE
if the nodeSelector is not matching with any node label.
Verified on:
OCP 4.6.0-0.nightly-2020-08-27-005538
compliance-operator.v0.1.13
$ oc create -f - <<EOF
> apiVersion: compliance.openshift.io/v1alpha1
> kind: ComplianceSuite
> metadata:
> name: example-compliancesuite
> spec:
> autoApplyRemediations: false
> schedule: "0 1 * * *"
> scans:
> - name: workers-scan
> profile: xccdf_org.ssgproject.content_profile_ncp
> content: ssg-rhcos4-ds.xml
> contentImage: quay.io/complianceascode/ocp4:latest
> debug: true
> nodeSelector:
> node-role.kubernetes.io/rhel: ""
> EOF
compliancesuite.compliance.openshift.io/example-compliancesuite created
$ oc get pods -w
NAME READY STATUS RESTARTS AGE
compliance-operator-869646dd4f-5vq7z 1/1 Running 0 99m
ocp4-pp-7f89f556cc-zzmkj 1/1 Running 0 98m
rhcos4-pp-7c44999587-bckrn 1/1 Running 0 98m
$ oc get compliancesuite
NAME PHASE RESULT
example-compliancesuite DONE NOT-APPLICABLE
$ oc describe compliancesuite example-compliancesuite |grep -A14 "Status:"
Status:
Error Message: The suite result is not applicable, please check if you're using the correct platform
Phase: DONE
Result: NOT-APPLICABLE
Scan Statuses:
Name: workers-scan
Phase: DONE
Result: NOT-APPLICABLE
Results Storage:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ResultAvailable 116s suitectrl ComplianceSuite's result is: NOT-APPLICABLE
Normal SuiteNotApplicable 116s suitectrl The suite result is not applicable, please check if you're using the correct platform
$ oc get compliancescan
NAME PHASE RESULT
workers-scan DONE NOT-APPLICABLE
$ oc describe compliancescan workers-scan |grep -A14 "Status:"
Status:
Phase: DONE
Result: NOT-APPLICABLE
Results Storage:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning NoMatchingNodes 2m43s scanctrl No nodes matched the nodeSelector
Normal ResultAvailable 2m43s scanctrl ComplianceScan's result is: NOT-APPLICABLE
Warning ScanNotApplicable 2m43s scanctrl The scan result is not applicable, please check if you're using the correct platform or if the nodeSelector matches nodes.
|