Bug 1888607

Summary: [release 4.5] The poddisruptionbudgets is using the operator service account, instead of gather
Product: OpenShift Container Platform Reporter: Marcell Sevcsik <msevcsik>
Component: Insights OperatorAssignee: Marcell Sevcsik <msevcsik>
Status: CLOSED ERRATA QA Contact: Pavel Šimovec <psimovec>
Severity: high Docs Contact:
Priority: unspecified    
Version: 4.5CC: aos-bugs, inecas, psimovec, tremes
Target Milestone: ---   
Target Release: 4.5.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: A client used for gathering the poddisruptionbudgets uses the operator service account instead of the gather account. Consequence: The operator service account has way more privileges then the gather account so creating a client using the former gives that client unnecessary permissions. (It also makes the manifests a bit confusing) Fix: Use the gahter service account to create the client. Result: The client that gathers the poddisruptionbudgets has only the minimum amount of permissions to do its job.
 Story Points: ---
Clone Of: 1888602
: 1888608 (view as bug list) Environment:
Last Closed: 2021-01-20 05:49:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1888602    
Bug Blocks: 1888608    

Description Marcell Sevcsik 2020-10-15 10:02:27 UTC 
+++ This bug was initially created as a clone of Bug #1888602 +++

+++ This bug was initially created as a clone of Bug #1888601 +++

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 3 Pavel Šimovec 2021-01-13 14:42:54 UTC 
CI passes, pdbs still get collected
Comment 5 errata-xmlrpc 2021-01-20 05:49:27 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5.27 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:0033