Bug 1842660 - OCP 4.6 metadata.managedFields.fieldsType Invalid Value. Must be FieldsV1
Summary: OCP 4.6 metadata.managedFields.fieldsType Invalid Value. Must be FieldsV1
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: kube-apiserver
Version: 4.5
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.6.0
Assignee: Stefan Schimanski
QA Contact: Ke Wang
Depends On:
Blocks: 1849340 1857655
TreeView+ depends on / blocked
Reported: 2020-06-01 19:25 UTC by Zachary Kayyali
Modified: 2020-10-27 16:03 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
: 1848437 1857655 (view as bug list)
Last Closed: 2020-10-27 16:03:15 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github open-cluster-management backlog issues 2378 0 None None None 2020-10-08 21:58:55 UTC
Github openshift origin pull 25153 0 None closed Bug 1842660: 4.6: UPSTREAM: 91748: FieldManager: Reset if we receive nil or a list with one 2020-11-24 15:24:32 UTC
Red Hat Product Errata RHBA-2020:4196 0 None None None 2020-10-27 16:03:19 UTC

Description Zachary Kayyali 2020-06-01 19:25:08 UTC
Description of problem:

There appears to be a compatibility issue in latest versions of Openshift 4.5 (Tested with 4.5.0-0.nightly-2020-05-28-044428) which may have been introduced as part of serverside apply.

We are seeing the following error when creating a custom resource -

$ oc get helmrelease multicluster-mongodb-59090 -o yaml
  - lastTransitionTime: "2020-05-28T18:18:17Z"
    status: "True"
    type: Initialized
  - lastTransitionTime: "2020-05-28T18:18:31Z"
    message: 'failed to install release: Certificate.certmanager.k8s.io "multicluster-mongodb-client-cert"
      is invalid: metadata.managedFields.fieldsType: Invalid value: "": must be `FieldsV1`'
    reason: InstallError
    status: "True"
    type: ReleaseFailed

We are not seeing this error in previous versions of OCP.

Link to GH Issue - https://github.com/open-cluster-management/backlog/issues/2378

Version-Release number of selected component (if applicable):

How reproducible:
Install ACM operator on OCP 4.5

Steps to Reproduce:

Actual results:

Expected results:
ACM Installs successfully on OCP 4.5

Additional info:

Comment 1 Stefan Schimanski 2020-06-02 07:56:50 UTC
Pinged certmanager author and Server Side Apply dev: https://kubernetes.slack.com/archives/C0EG7JC6T/p1591084548052700

Comment 2 Stefan Schimanski 2020-06-02 13:35:48 UTC
From Slack:

> from what I understand there is a bug upstream as that field was added and marked required, breaking older clients talking to newer api servers. The issue comes about as pre 0.15, our own mutating webhook strips fields it does not recognise
> The advice I have been giving is to either update to cert-manager 0.15 (which uses k8s 1.18 client libs) or otherwise wait for a patch to make that field not required

Comment 3 Stefan Schimanski 2020-06-02 13:43:37 UTC
Upstream issue:


To be fixed in some 1.18 release.

Workaround: use cert-manager 0.15+. Moving to z-release as this has to wait on upstream.

Comment 5 Michael Elder 2020-06-17 18:17:40 UTC
We're seeing this issue on ACM 1.0.x on OCP 4.5 as well. cc @scuppett

Comment 6 Stefan Schimanski 2020-06-18 11:27:07 UTC
Created backport PRs from the upstream fix.

Comment 9 Ke Wang 2020-07-01 10:35:09 UTC
Verified with OCP build 4.6.0-0.nightly-2020-06-30-020342.

Open In the Red Hat OpenShift Container Platform console navigation, select Operators -> OperatorHub, searching 'Advanced', selected the 'Advanced Cluster Management for Kubernetes' icon, click on and install it.

After finished, checking,
$ oc get csv -A
NAMESPACE                       NAME                                 DISPLAY                                      VERSION   REPLACES   PHASE
open-cluster-management         advanced-cluster-management.v1.0.1   Advanced Cluster Management for Kubernetes   1.0.1                Succeeded

The ACM installed successfully as expected, so move the bug verified.

Comment 11 errata-xmlrpc 2020-10-27 16:03:15 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.