Bug 1865804
| Summary: | The existing profile.compliance object is getting removed when a new probilebundle gets created | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | xiyuan |
| Component: | Compliance Operator | Assignee: | Jakub Hrozek <jhrozek> |
| Status: | CLOSED ERRATA | QA Contact: | Prashant Dhamdhere <pdhamdhe> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.6 | CC: | josorior, mrogers, xiyuan |
| Target Milestone: | --- | ||
| Target Release: | 4.6.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-10-27 16:23:12 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
xiyuan
2020-08-04 08:31:23 UTC
I think I know what's going on and how to fix it.. WIP: https://github.com/jhrozek/compliance-operator-1/commits/trackimg I am on PTO thursday and friday; the code already works well, but I guess I'm out of time to provide a test. Feel free to pick the work up if the fix is very urgent.. Merged upstream with https://github.com/openshift/compliance-operator/commit/0642dcf4a3177190a4f3dd4b49c07e605165d743 Now,The existing profile.compliance object does get removed when a new profilebundles or profile.compliance object get created
Verified on:
OCP 4.6.0-0.nightly-2020-08-27-005538
compliance-operator.v0.1.13
$ oc get profilebundles
NAME CONTENTIMAGE STATUS
ocp4 quay.io/complianceascode/ocp4:latest VALID
rhcos4 quay.io/complianceascode/ocp4:latest VALID
$ oc get profiles.compliance
NAME AGE
ocp4-cis 77m
ocp4-e8 77m
ocp4-moderate 77m
ocp4-ncp 77m
rhcos4-e8 77m
rhcos4-moderate 77m
rhcos4-ncp 77m
$ oc create -f - << EOF
> apiVersion: compliance.openshift.io/v1alpha1
> kind: ProfileBundle
> metadata:
> name: test1
> spec:
> contentImage: quay.io/jhrozek/ocp4-openscap-content@sha256:a1709f5150b17a9560a5732fe48a89f07bffc72c0832aa8c49ee5504510ae687
> contentFile: ssg-rhcos4-ds.xml
> EOF
profilebundle.compliance.openshift.io/test1 created
$ oc get pods
NAME READY STATUS RESTARTS AGE
aggregator-pod-worker-scan 0/1 Completed 0 18m
compliance-operator-869646dd4f-5vq7z 1/1 Running 0 85m
ocp4-pp-7f89f556cc-zzmkj 1/1 Running 0 85m
rhcos4-pp-7c44999587-bckrn 1/1 Running 0 85m
test1-pp-6588d99d8f-pvkr2 1/1 Running 0 2m58s
worker-scan-ip-10-0-150-92.us-east-2.compute.internal-pod 0/2 Completed 0 21m
worker-scan-ip-10-0-177-228.us-east-2.compute.internal-pod 0/2 Completed 0 21m
worker-scan-ip-10-0-219-103.us-east-2.compute.internal-pod 0/2 Completed 0 21m
$ oc get profilebundles
NAME CONTENTIMAGE STATUS
ocp4 quay.io/complianceascode/ocp4:latest VALID
rhcos4 quay.io/complianceascode/ocp4:latest VALID
test1 quay.io/jhrozek/ocp4-openscap-content@sha256:a1709f5150b17a9560a5732fe48a89f07bffc72c0832aa8c49ee5504510ae687 VALID
$ oc get profiles.compliance
NAME AGE
ocp4-cis 85m
ocp4-e8 85m
ocp4-moderate 85m
ocp4-ncp 85m
rhcos4-e8 85m
rhcos4-moderate 85m
rhcos4-ncp 85m
test1-e8 3m15s
test1-moderate 3m15s
test1-ncp 3m15s
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196 |