+++ This bug was initially created as a clone of Bug #1823921 +++ Description of problem: In 4.3.8, if a default SCC is changed then upgrade uis blocked. For more you can see https://bugzilla.redhat.com/show_bug.cgi?id=1821905 Version-Release number of the following components: OpenShift 4.3.8 How reproducible: Steps to Reproduce: 1.Deploy 4.3.8 cluster 2. Try to upgrade to 4.3.9 Actual results: 'Unable to apply 4.3.9: it may not be safe to apply this update' 'Precondition "ClusterVersionUpgradeable" failed because of "DefaultSecurityContextConstraints_Mutated": Cluster operator kube-apiserver cannot be upgraded: DefaultSecurityContextConstraintsUpgradeable: Default SecurityContextConstraints object(s) have mutated [privileged]' Expected results: 4.3.9 Cluster We are going to remove the SCC controller that sets Upgradeable to False.
Not relevant to 4.4, closing it.
Due to comment 1, updating bug field accordingly. If incorrect, please let me know, thanks.