Description of problem: [cloud-user@ocp-psi-executor ~]$ oc logs -n openshift-cnv cluster-network-addons-operator-6cbcb8656c-6gqcg 2020/06/04 14:54:58 Go Version: go1.13.4 2020/06/04 14:54:58 Go OS/Arch: linux/amd64 2020/06/04 14:54:58 version of operator-sdk: v0.18.0 2020/06/04 14:54:58 version of cluster-network-addons-operator: sha256_c5f9c4a8590a443a82a06785364f6eccbbc72924cf8056a9d9584c45 I0604 14:54:59.357842 1 request.go:621] Throttling request took 1.027603785s, request: GET:https://172.30.0.1:443/api/v1?timeout=32s 2020/06/04 14:55:04 registering Components 2020/06/04 14:55:04 Running on OpenShift 4 2020/06/04 14:55:04 failed setting up operator controllers: failed to check for availability of SCC: securitycontextconstraints.security.openshift.io is forbidden: User "system:serviceaccount:openshift-cnv:cluster-network-addons-operator" cannot list resource "securitycontextconstraints" in API group "security.openshift.io" at the cluster scope Version-Release number of selected component (if applicable): OCP-4.5 HCO-v2.3.0-282 How reproducible: 100 Steps to Reproduce: 1. Deploy CNV 2. 3. Actual results: cluster-network-addons-operator failing to start Expected results: cnv deployed Additional info:
I tend to think it's a sife effect of https://github.com/kubevirt/cluster-network-addons-operator/pull/413
i see this was merged 2 days ago and Lukas sees it in the latest build. why isn't this fix part of the latest build?
We have an explicit rule for SCC here https://github.com/RamLavi/cluster-network-addons-operator/blob/19291e695e6a293ed395bf42ab23aaaa91e68162/pkg/components/components.go#L268. But maybe it fails due to the `ResourceNames` selector. Will post a fix ASAP.
It should be fixed in the next build. Sorry about the issue, we had false positives on our U/S CI.
working in HCO v2.3.0-291 cluster-network-addons-operator-6664f6764f-k29l7 1/1 Running 0 13h
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:3194