Bug 1915902

Summary: Image registry cluster operator is in degraded state due to pruner service account unable to list the statefulsets
Product: OpenShift Container Platform Reporter: Naga Ravi Chaitanya Elluri <nelluri>
Component: Image RegistryAssignee: Oleg Bulatov <obulatov>
Status: CLOSED DUPLICATE QA Contact: Wenjing Zheng <wzheng>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.7CC: aos-bugs, esimard, mburman, nelluri, rbohne, wking
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard: aos-scalability-47
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-01-14 11:36:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Naga Ravi Chaitanya Elluri 2021-01-13 17:00:41 UTC 
Description of problem:
We built a cluster with 4.7.0-fc.2 bits and the image registry cluster operator is in degraded state due to pruner service account unable to list the statefulsets in the API group apps at cluster scope: Error from server (Forbidden): statefulsets.apps is forbidden: User "system:serviceaccount:openshift-image-registry:pruner" cannot list resource "statefulsets" in API group "apps" at the cluster scope.

Logs: http://dell-r510-01.perf.lab.eng.rdu2.redhat.com/large-scale/4.7-sdn-kube-1.20/bugs/image-registry/

Version-Release number of selected component (if applicable):
4.7.0-fc.2

How reproducible:
Always, we are also seeing this issue during 4.6.9 -> 4.7.0-fc.2 upgrade

Steps to Reproduce:
1. Install a cluster using 4.7.0-fc.2 bits
2. Monitor the cluster operators, image registry will be in degraded state after  the pruner pod is launched.

Actual results:
image registry cluster operator is in degraded state

Expected results:
image registry cluster operator is healthy and not blocking the upgrades
Comment 1 Oleg Bulatov 2021-01-14 11:36:05 UTC 

*** This bug has been marked as a duplicate of bug 1915661 ***
Comment 2 Oleg Bulatov 2021-01-18 13:16:34 UTC 
*** Bug 1917256 has been marked as a duplicate of this bug. ***
Comment 3 Oleg Bulatov 2021-01-25 13:45:46 UTC 
*** Bug 1918272 has been marked as a duplicate of this bug. ***