This bug was initially created as a copy of Bug #1803196 I am copying this bug because: Description of problem: Logging operator should publish sharing-config configmap into openshift-config-managed namespace, so it's reachable for other components, like console, which needs to access to: - kibanaAppURL - kibanaInfraURL Version-Release number of selected component (if applicable): 4.4. How reproducible: Always Steps to Reproduce: 1. 2. 3. Actual results: Logging operator is publishing sharing-config configmap into openshift-logging namespace. If any component needs to get hands on the configmap it needs to get additional RBAC permissions. Expected results: Logging operator should be publishing sharing-config configmap into openshift-config-managed namespace so no additional RBAC permissions needs to be added to component that needs the configmap.
It seems the PR pull in regression https://bugzilla.redhat.com/show_bug.cgi?id=1807739
*** Bug 1807739 has been marked as a duplicate of this bug. ***
The regression introduced by the original fix for this results in logging being undeployable. Setting to Urgent.
The rolebinding was created in the wrong namespace: https://bugzilla.redhat.com/show_bug.cgi?id=1807739#c1 despite this: https://github.com/openshift/cluster-logging-operator/blob/release-4.4/manifests/4.4/0200_roles.yaml#L5 guessing OLM stomped your namespace and created the rolebinding in openshift-logging anyway, which is why it didn't work.
The attempt to handle this in 4.4 lead to a major regression (https://bugzilla.redhat.com/show_bug.cgi?id=1807739) At this point we won't be able to address this in 4.4, but we're keeping https://bugzilla.redhat.com/show_bug.cgi?id=1803196 open to track potentially handling it in 4.5.
Changing the severity on this posthoc, it should not have been urgent in the first place. (possibly should not have been a bug either).