This bug was initially created as a copy of Bug #1905298, but for OAuth. Per Clayton, initContainers must set both of these going forward [1], while [2] is showing: openshift-oauth-apiserver/apiserver-85d844ddf-bmpsg container initContainers[0] (fix-audit-permissions) is not requesting required resources: cpu, memory openshift-oauth-apiserver/apiserver-85d844ddf-q8j9k container initContainers[0] (fix-audit-permissions) is not requesting required resources: cpu, memory openshift-oauth-apiserver/apiserver-85d844ddf-t98lf container initContainers[0] (fix-audit-permissions) is not requesting required resources: cpu, memory as part of failing: [sig-arch] Managed cluster should ensure control plane containers have requests set for cpu and memory [Suite:openshift/conformance/parallel] origin/25747 is in flight to transition an existing, but overly relaxed, test-case to explicitly require both requests on all containers. Any components which have not been fixed after an initial pass will have temporary exceptions linked to their tracking bugs when the stricter test lands. [1]: https://github.com/openshift/enhancements/blob/master/CONVENTIONS.md#resources-and-limits [2]: https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/25747/pull-ci-openshift-origin-master-e2e-gcp/1336048716389289984
This bug hasn't had any activity in the last 30 days. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet. As such, we're marking this bug as "LifecycleStale" and decreasing the severity/priority. If you have further information on the current state of the bug, please update it, otherwise this bug can be closed in about 7 days. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant. Additionally, you can add LifecycleFrozen into Keywords if you think this bug should never be marked as stale. Please consult with bug assignee before you do that.
The LifecycleStale keyword was removed because the bug moved to QE. The bug assignee was notified.
$ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.7.0-0.nightly-2021-01-14-211319 True False 3h25m Cluster version is 4.7.0-0.nightly-2021-01-14-211319 $ oc get pods -n openshift-oauth-apiserver NAME READY STATUS RESTARTS AGE apiserver-55d7bd7c78-pmwsw 1/1 Running 0 3h19m apiserver-55d7bd7c78-sjc9t 1/1 Running 0 3h20m apiserver-55d7bd7c78-t5mpg 1/1 Running 0 3h22m $ oc get pod -n openshift-oauth-apiserver apiserver-55d7bd7c78-pmwsw -o json | jq .spec.initContainers [ { "command": [ "sh", "-c", "chmod 0700 /var/log/oauth-apiserver && touch /var/log/oauth-apiserver/audit.log && chmod 0600 /var/log/oauth-apiserver/*" ], "image": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:25cc1cdd8bc5c47b7f3b788d2a902ea0d17f3ccf2adb5502690cb0bd3757849c", "imagePullPolicy": "IfNotPresent", "name": "fix-audit-permissions", "resources": { "requests": { "cpu": "15m", "memory": "50Mi" } }, ... Based on above checking, move the bug VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633