PRs in the queue.
This waiting to be merged in the queue.
Confirmed with payload: 4.3.0-0.nightly-2020-07-04-055556, when create new project will see the audit logs from kube-apiserver: sh-4.4# grep namespace-security-allocation-controller audit*|grep patch |grep zhouy audit.log:{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Metadata","auditID":"8a541723-c513-4f99-a052-f08388db7509","stage":"ResponseComplete","requestURI":"/api/v1/namespaces/zhouy","verb":"patch","user":{"username":"system:serviceaccount:openshift-infra:namespace-security-allocation-controller","uid":"1afe739c-c212-478c-8ac7-cf7f8d8148f9","groups":["system:serviceaccounts","system:serviceaccounts:openshift-infra","system:authenticated"]},"sourceIPs":["::1"],"userAgent":"cluster-policy-controller/v0.0.0 (linux/amd64) kubernetes/$Format/system:serviceaccount:openshift-infra:namespace-security-allocation-controller","objectRef":{"resource":"namespaces","namespace":"zhouy","name":"zhouy","apiVersion":"v1"},"responseStatus":{"metadata":{},"code":200},"requestReceivedTimestamp":"2020-07-06T08:45:32.542309Z","stageTimestamp":"2020-07-06T08:45:32.549261Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":"RBAC: allowed by ClusterRoleBinding \"system:openshift:controller:namespace-security-allocation-controller\" of ClusterRole \"system:openshift:controller:namespace-security-allocation-controller\" to ServiceAccount \"namespace-security-allocation-controller/openshift-infra\""}}
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2872