Bug 2060322

Summary: Add RBAC for 'infrastructures' to operator bundle
Product: OpenShift Container Platform Reporter: Balazs Nemeth <bnemeth>
Component: NetworkingAssignee: Balazs Nemeth <bnemeth>
Networking sub component: SR-IOV QA Contact: zhaozhanqi <zzhao>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: medium CC: jdelft
Version: 4.10   
Target Milestone: ---   
Target Release: 4.10.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-05-31 12:40:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2062151    
Bug Blocks: 2059292    

Description Balazs Nemeth 2022-03-03 10:23:35 UTC 
This bug was initially created as a copy of Bug #2059292

I am copying this bug because: 



Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
git clone https://github.com/openshift/sriov-network-operator/
git checkoout release-4.10
make deploy-setup


Actual results:

[root@wsfd-netdev92 sriov-network-operator]# oc get all -n openshift-sriov-network-operator
NAME                                          READY   STATUS             RESTARTS       AGE
pod/sriov-network-operator-84c89f556d-5pzbl   0/1     CrashLoopBackOff   38 (20s ago)   175m

NAME                                     READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/sriov-network-operator   0/1     1            0           175m

NAME                                                DESIRED   CURRENT   READY   AGE
replicaset.apps/sriov-network-operator-84c89f556d   1         1         0       175m


[root@wsfd-netdev92 sriov-network-operator]# oc logs pod/sriov-network-operator-84c89f556d-5pzbl -n openshift-sriov-network-operator
I0228 16:39:15.933049       1 request.go:655] Throttling request took 1.035266379s, request: GET:https://172.30.0.1:443/apis/metal3.io/v1alpha1?timeout=32s
2022-02-28T16:39:19.495Z        INFO    controller-runtime.metrics      metrics server is starting to listen      {"addr": ":8080"}
2022-02-28T16:39:21.812Z        ERROR   setup   unable to create default SriovOperatorConfig    {"error": "Couldn't get cluster single node status: infrastructures.config.openshift.io \"cluster\" is forbidden: User \"system:serviceaccount:openshift-sriov-network-operator:sriov-network-operator\" cannot get resource \"infrastructures\" in API group \"config.openshift.io\" at the cluster scope"}
github.com/go-logr/zapr.(*zapLogger).Error
        /go/src/github.com/k8snetworkplumbingwg/sriov-network-operator/vendor/github.com/go-logr/zapr/zapr.go:132
sigs.k8s.io/controller-runtime/pkg/log.(*DelegatingLogger).Error
        /go/src/github.com/k8snetworkplumbingwg/sriov-network-operator/vendor/sigs.k8s.io/controller-runtime/pkg/log/deleg.go:144
main.main
        /go/src/github.com/k8snetworkplumbingwg/sriov-network-operator/main.go:170
runtime.main
        /usr/lib/golang/src/runtime/proc.go:255

Expected results:
Everything should work

Additional info:
Potential missing backport of RBAC infra to operator
Comment 4 zhaozhanqi 2022-05-26 07:01:20 UTC 
Verified this bug on 4.10.0-202205251117
Comment 6 errata-xmlrpc 2022-05-31 12:40:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.10.16 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:4754