+++ This bug was initially created as a clone of Bug #1945261 +++ Description of problem: Operator dependencies should always be satisfied by candidates from a default channel (unless there are no valid candidates in a default channel). If a candidate operator is both in its package's default channel AND in a non-default channel, catalog-operator may generate a subscription that arbitrarily specifies either of the two channels. Originally reported upstream in https://github.com/operator-framework/operator-lifecycle-manager/issues/2067. Version-Release number of selected component (if applicable): 4.6+ How reproducible: Not always, but maybe at least 50% of the time. Probably more likely to occur if the candidate appears in more channels. Steps to Reproduce: 1. Create the following resources: apiVersion: v1 kind: Namespace metadata: name: test-namespace --- apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: ibm-operator-catalog namespace: test-namespace spec: image: quay.io/bluddy/foo:defchn-a sourceType: grpc --- apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: opencloud-operators namespace: test-namespace spec: image: quay.io/bluddy/foo:defchn-b sourceType: grpc --- apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: test-operators namespace: test-namespace spec: {} --- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: test-subscription namespace: test-namespace spec: name: ibm-automation-core channel: v1.0 source: ibm-operator-catalog sourceNamespace: test-namespace 2. Wait for installation to finish, then run "kubectl get -n test-namespace subscription". If you see: $ kubectl get -n test-namespace subscription NAME PACKAGE SOURCE CHANNEL test-subscription ibm-automation-core ibm-operator-catalog v1.0 ibm-common-service-operator-v3-opencloud-operators-test-namespace ibm-common-service-operator opencloud-operators v3 then run "kubectl delete namespace test-namespace" and go back to step (1). Actual results: $ kubectl get -n test-namespace subscription NAME PACKAGE SOURCE CHANNEL test-subscription ibm-automation-core ibm-operator-catalog v1.0 ibm-common-service-operator-beta-opencloud-operators-test-namespace ibm-common-service-operator opencloud-operators beta Expected results: $ kubectl get -n test-namespace subscription NAME PACKAGE SOURCE CHANNEL test-subscription ibm-automation-core ibm-operator-catalog v1.0 ibm-common-service-operator-v3-opencloud-operators-test-namespace ibm-common-service-operator opencloud-operators v3
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.16 security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2286