Description of problem:
The current OCM controller (if enabled via TechPreview feature set) is pulling down the SCA certs from the OCM API. We would like to update the operator status (operator conditions) based on successful or unsuccessful retrieval of the SCA certs. A retrieval is considered as unsuccessful if OCM API returns a 500 or 400 status codes. If the controller is not able to retrieve the certs after some number retries then mark the operator as degraded.
No status is updated.
Status is marked either as healthy or degraded when the controller was not able to retrieve the SCA certs after some number of retries (likely using exp. backoff).
Verified on 4.10.0-0.ci-2021-09-16-014803.
1. Enable TechPreview https://docs.openshift.com/container-platform/4.8/nodes/clusters/nodes-cluster-enabling-features.html
2. Edit "support" secret in "openshift-config" namespace.
a. Add "ocmEndpoint" key with value "https://httpstat.us/500"
b. Add "ocmInterval" key with value "1m"
3. Restart Insights Operator
4. Check Insights Cluster Operator status
Operator status is degraded.
Change "ocmEndpoint" to "https://httpstat.us/404" or another status and check cluster operator status. It's not degraded.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.