1891846 – When creating policy to trigger scan on RHACM managed cluster, the compliancesuite was not executed as expeted

Bug 1891846 - When creating policy to trigger scan on RHACM managed cluster, the compliancesuite was not executed as expeted

Summary: When creating policy to trigger scan on RHACM managed cluster, the compliance...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Compliance Operator
Sub Component:
Version:	4.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.7.0
Assignee:	Juan Antonio Osorio
QA Contact:	Prashant Dhamdhere
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1892293
TreeView+	depends on / blocked

Reported:	2020-10-27 14:08 UTC by xiyuan
Modified:	2020-10-28 12:32 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1892293 (view as bug list)
Environment:
Last Closed:	2020-10-28 12:32:03 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift compliance-operator pull 462	0	None	closed	Take namespace into account for profilebundle deployment	2020-11-23 10:52:13 UTC

Description xiyuan 2020-10-27 14:08:33 UTC

Description of Problem:
When creating policy to trigger scan on RHACM managed cluster, the compliancesuite was not executed as expeted. It reported "Failed to create policy template the namespace of the provided object does not match the namespace sent on the request"

Version-Release number of selected component (if applicable):
cluster version 4.6.1 with CO version 0.1.17
$ oc get clusterversion
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.6.1     True        False         5h8m    Cluster version is 4.6.1

How Reproducible:
Sometimes

Steps to Reproduce:
1. install RHACM on one cluster
2. import the other two clusters
3. apply policy(details refer to https://github.com/open-cluster-management/policy-collection/pull/36/files) to instlall CO by update value for remediationAction field: 'remediationAction: enforce'
4. apply policy(details refer to https://github.com/open-cluster-management/policy-collection/pull/37/files) to trigger compliancesuite on both cluster

Actual Results:
1. On one cluster, it reported "Failed to create policy template the namespace of the provided object does not match the namespace sent on the request"
$ oc get compliancesuite --all-namespaces 
No resources found

Expected Results:
1. on both clusters, the compliancesuite should be executed as expected:
$ kubectl get compliancesuites -n xiyuan10271 e8
NAME   PHASE   RESULT
e8     DONE    NON-COMPLIANT

Additional info:
https://github.com/openshift/compliance-operator/pull/462 should be backport it to the 4.6 branch

Note You need to log in before you can comment on or make changes to this bug.