Bug 1833195 - OLM does not delete the corresponding secret and configmap after deleting the subscription and csv
Summary: OLM does not delete the corresponding secret and configmap after deleting the...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: OLM
Version: 4.5
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.5.0
Assignee: Daniel Sover
QA Contact: yhui
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-05-08 02:44 UTC by yhui
Modified: 2020-07-13 17:36 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-07-13 17:35:59 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github operator-framework operator-lifecycle-manager pull 1516 0 None closed Bug 1833195: delete bundle objects after CSV gets deleted 2020-08-27 15:16:42 UTC
Red Hat Product Errata RHBA-2020:2409 0 None None None 2020-07-13 17:36:19 UTC

Description yhui 2020-05-08 02:44:39 UTC
Description of problem:
For the new OLM feature, adding secrets and configmaps to the bundle and having OLM generate them, after deleting the subscription and csv, the corresponding secret and configmap are not deleted by OLM. 


Version-Release number of selected component (if applicable):
4.5.0
Cluster version is 4.5.0-0.nightly-2020-05-07-144853
$ oc exec catalog-operator-6c5576474-hb276 -n openshift-operator-lifecycle-manager -- olm --version
OLM version: 0.14.2
git commit: 6544650f2bff3d58b60af24e4eab2b9d4cb06b1b


How reproducible:
always


Steps to Reproduce:
1.Add secrets and configmaps in a bundle, and create bundle image and bundle index image.

2.Create catalogsource using the bundle index image.
$ cat catsrc.yaml 
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: etcd-catalog
  namespace: openshift-marketplace
spec:
  displayName: Etcd Operator Catalog
  image: quay.io/yuhui12/etcd-index-test:0.9.0
  publisher: QE
  sourceType: grpc

3.Create sub using the catalogsource. The secrets and configmaps are created by OLM.
[root@preserve-olm-env olm-1728]# oc get secret
NAME                       TYPE                                  DATA   AGE
mysecret                   Opaque                                2      25s
[root@preserve-olm-env olm-1728]# oc get  configmap
NAME            DATA   AGE
my-config-map   3      29s


4.Delete the sub and csv.
[root@preserve-olm-env olm-1728]# oc delete -f sub.yaml 
subscription.operators.coreos.com "etcd" deleted
[root@preserve-olm-env olm-1728]# oc delete csv etcdoperator.v0.9.0
clusterserviceversion.operators.coreos.com "etcdoperator.v0.9.0" deleted


5.Check the secret and configmap. They are not deleted by OLM.
[root@preserve-olm-env olm-1728]# oc get secret
NAME                       TYPE                                  DATA   AGE
mysecret                   Opaque                                2      22m
[root@preserve-olm-env olm-1728]# oc get  configmap
NAME            DATA   AGE
my-config-map   3      22m



Actual results:
The secrets and configmaps are not deleted by OLM.


Expected results:
The secrets and configmaps should be deleted by OLM.


Additional info:

Comment 4 yhui 2020-05-15 10:04:50 UTC
For the Comment 2 and Comment 3,
Daniel, I agree with you. Whether the CSV succeeded or not is not relevant in this context.

BTW, the csv cannot be created in my test of another story. And I have created a bug https://bugzilla.redhat.com/show_bug.cgi?id=1835884 to track the csv issue.

Comment 8 yhui 2020-05-25 04:12:07 UTC
[root@preserve-olm-env ~]# oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.5.0-0.nightly-2020-05-24-223848   True        False         73m     Cluster version is 4.5.0-0.nightly-2020-05-24-223848
[root@preserve-olm-env 1838705]# oc exec catalog-operator-bdd5d58c9-qfg2x -n openshift-operator-lifecycle-manager -- olm --version
OLM version: 0.15.1
git commit: 1849f658a5c703a1c15bf4467df7eb928d321b18

Steps to test:
1.Add secrets and configmaps in a bundle, and create bundle image and bundle index image.
$ cat secrets.yaml 
apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  username: YWRtaW4=
  password: MWYyZDFlMmU2N2Rm

$ cat configmaps.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: "my-config-map"
data:
  allowed: '"true"'
  enemies: aliens
  lives: "3" 

2.Create catalogsource using the bundle index image.
$ cat catsrc.yaml 
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: cock-catalog
  namespace: openshift-marketplace
spec:
  displayName: cock Operator Catalog
  image: quay.io/yuhui12/cockroachdb-index:2.0.9all
  publisher: QE
  sourceType: grpc

3.Create sub using the catalogsource. The secrets and configmaps are created by OLM.
[root@preserve-olm-env 1833195]# cat sub.yaml 
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: cock
  namespace: test-operators
spec:
  channel: alpha
  installPlanApproval: Automatic
  name: cockroachdb
  source: cock-catalog
  sourceNamespace: openshift-marketplace
  startingCSV: cockroachdb.v2.0.9
[root@preserve-olm-env 1833195]# oc apply -f sub.yaml 
subscription.operators.coreos.com/cock created
[root@preserve-olm-env 1833195]# oc get sub
NAME   PACKAGE       SOURCE         CHANNEL
cock   cockroachdb   cock-catalog   alpha
[root@preserve-olm-env 1833195]# oc get ip
NAME            CSV                  APPROVAL    APPROVED
install-8m6zm   cockroachdb.v2.0.9   Automatic   true
[root@preserve-olm-env 1833195]# oc get csv
NAME                 DISPLAY       VERSION   REPLACES   PHASE
cockroachdb.v2.0.9   CockroachDB   2.0.9                Succeeded
[root@preserve-olm-env 1833195]# oc get pod
NAME                                    READY   STATUS    RESTARTS   AGE
cockroachdb-operator-6448bffb78-k4qml   1/1     Running   0          11s
[root@preserve-olm-env 1833195]# oc get secret
NAME                                   TYPE                                  DATA   AGE
builder-dockercfg-zxff4                kubernetes.io/dockercfg               1      39m
builder-token-nkmxv                    kubernetes.io/service-account-token   4      39m
builder-token-vtzhf                    kubernetes.io/service-account-token   4      39m
cockroachdb-operator-dockercfg-5tncp   kubernetes.io/dockercfg               1      17s
cockroachdb-operator-token-4n7n7       kubernetes.io/service-account-token   4      17s
cockroachdb-operator-token-t5gc8       kubernetes.io/service-account-token   4      17s
default-dockercfg-6wdg4                kubernetes.io/dockercfg               1      39m
default-token-qc4x6                    kubernetes.io/service-account-token   4      39m
default-token-xkskh                    kubernetes.io/service-account-token   4      39m
deployer-dockercfg-w9zxz               kubernetes.io/dockercfg               1      39m
deployer-token-77hpb                   kubernetes.io/service-account-token   4      39m
deployer-token-jgr64                   kubernetes.io/service-account-token   4      39m
mysecret                               Opaque                                2      17s
[root@preserve-olm-env 1833195]# oc get configmap
NAME            DATA   AGE
my-config-map   3      92s

4.Delete the sub and csv.
[root@preserve-olm-env 1833195]# oc delete -f sub.yaml 
subscription.operators.coreos.com "cock" deleted
[root@preserve-olm-env 1833195]# oc delete csv cockroachdb.v2.0.9
clusterserviceversion.operators.coreos.com "cockroachdb.v2.0.9" deleted

5.Check the secret and configmap. They are deleted by OLM.
[root@preserve-olm-env 1833195]# oc get secret
NAME                       TYPE                                  DATA   AGE
builder-dockercfg-zxff4    kubernetes.io/dockercfg               1      43m
builder-token-nkmxv        kubernetes.io/service-account-token   4      43m
builder-token-vtzhf        kubernetes.io/service-account-token   4      43m
default-dockercfg-6wdg4    kubernetes.io/dockercfg               1      43m
default-token-qc4x6        kubernetes.io/service-account-token   4      43m
default-token-xkskh        kubernetes.io/service-account-token   4      43m
deployer-dockercfg-w9zxz   kubernetes.io/dockercfg               1      43m
deployer-token-77hpb       kubernetes.io/service-account-token   4      43m
deployer-token-jgr64       kubernetes.io/service-account-token   4      43m
[root@preserve-olm-env 1833195]# oc get configmap
No resources found in test-operators namespace.

The secrets and configmaps are deleted as expected. Verify the bug.

Comment 9 errata-xmlrpc 2020-07-13 17:35:59 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2409


Note You need to log in before you can comment on or make changes to this bug.