Description of problem: The behavior of OLM when installed operators specify olm.maxOpenShiftVersion: - with an empty value - with a poorly formed value; e.g. bad semver - more than once; ambiguous max is ill-defined and inconsistent; silently allowing upgrades in the face of invalid values. Version-Release number of selected component (if applicable): OpenShift: 4.9.0-0.nightly-2021-07-27-125952 OLM: version: 0.18.3, git commit: 3475b1d5d8d481394ba90b2823645bed0fb2b076 How reproducible: Always Steps to Reproduce: 1. Write an operator that specifies an invalid, empty, and/or multiple olm.maxOpenShiftVersion properties 2. Install that operator on a cluster (Here's a demo that walks through configuring properties, building bundles, and installing on a cluster: https://youtu.be/pa2-YKo07cw?list=PLw471UtJC4H39vNAduRz6CixDetHwljKs) Expected results: OLM should set the Upgradeable condition of the operator-lifecycle-manager ClusterOperator resource to False -- i.e. block cluster upgrades -- whenever: - an installed operator has an invalid olm.maxOpenShiftVersion property; e.g. empty or malformed semver - an installed operator has declared more than one olm.MaxOpenShiftVersion property - cluster information is unavailable; e.g. the desired version of the cluster is undefined (non-functional requirement) Additionally, the message of that condition should identify the operator(s) (and reason for) blocking an upgrade. Additional info: This behavior was undefined but originally assumed to fail-open; i.e. invalid properties should be ignored (see https://bugzilla.redhat.com/show_bug.cgi?id=1986753). However, it was decided during review that failing-closed (i.e. invalid properties should block upgrades) with appropriate error messages leaves OpenShift upgrades less susceptible to operator publishing errors. Upstream PR (merged): https://github.com/operator-framework/operator-lifecycle-manager/pull/2302
*** Bug 1986753 has been marked as a duplicate of this bug. ***
[cloud-user@preserve-olm-env jian]$ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.9.0-0.nightly-2021-08-06-020133 True False 4h20m Cluster version is 4.9.0-0.nightly-2021-08-06-020133 [cloud-user@preserve-olm-env jian]$ oc exec deploy/catalog-operator -- olm --version OLM version: 0.18.3 git commit: 3a21821b786493b59da83ab4ce16d6ed16dcccad For detailed steps/results, please refer to https://polarion.engineering.redhat.com/polarion/#/project/OSE/workitem?id=OCP-43101 Looks good to me, verify it.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759