Bug 2026554

Summary: Pod noobaa-db-pg-0 has set incorrect SCC value
Product: [Red Hat Storage] Red Hat OpenShift Data Foundation Reporter: Dirk Haubenreisser <dhaubenr>
Component: Multi-Cloud Object GatewayAssignee: Nimrod Becker <nbecker>
Status: CLOSED NOTABUG QA Contact: Raz Tamir <ratamir>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.9CC: etamir, ocs-bugs, odf-bz-bot
Target Milestone: ---   
Target Release: ---   
Hardware: s390x   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-11-25 07:43:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dirk Haubenreisser 2021-11-25 05:48:14 UTC 
Description of problem (please be detailed as possible and provide log
snippests):

The ocs-ci testcase 'tests/manage/mcg/test_mcg_resources_disruptions.py::TestMCGResourcesDisruptions::test_db_scc' fails due to the noobaa-db-pg-0 pod not having the correct SCC after it has been deleted and rescheduled accordingly. The pod's annotation 'openshift.io/scc' is expected to be of value 'anyuid' while it is actually set to 'noobaa-endpoint'.


Version of all relevant components (if applicable):

OCP: 4.9.7

---------- oc -n openshift-storage get csv ----------
NAME                  DISPLAY                       VERSION   REPLACES   PHASE
mcg-operator.v4.9.0   NooBaa Operator               4.9.0                Succeeded
ocs-operator.v4.9.0   OpenShift Container Storage   4.9.0                Succeeded
odf-operator.v4.9.0   OpenShift Data Foundation     4.9.0                Succeeded


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?

I would assume so - if the pod's SCC is not set properly this would mean some sort of security mishap further down the line?


Is there any workaround available to the best of your knowledge?

No.


Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?

3


Can this issue reproducible?

Yes, reran the ocs-ci testcase 'tests/manage/mcg/test_mcg_resources_disruptions.py::TestMCGResourcesDisruptions::test_db_scc' many times and always got the same result.


Can this issue reproduce from the UI?

n/a


If this is a regression, please provide more details to justify this:


Steps to Reproduce:
1. Run the ocs-ci testcase 'tests/manage/mcg/test_mcg_resources_disruptions.py::TestMCGResourcesDisruptions::test_db_scc'


Actual results:

Pod 'noobaa-db-pg-0' has annotation 'openshift.io/scc' set to 'noobaa-endpoint'.


Expected results:

Pod 'noobaa-db-pg-0' has annotation 'openshift.io/scc' set to 'anyuid'.


Additional info:

n/a
Comment 2 Nimrod Becker 2021-11-25 07:43:28 UTC 
This is the expected behaviour, sounds like CI needs to update.