Description of problem: The "Custom Scorecard storage feature" function is not included in upstream v1.10.1, so it's not included in downstream ocp4.9 either. The PR 5028(https://github.com/operator-framework/operator-sdk/pull/5028) is not included in v1.10.x (https://github.com/operator-framework/operator-sdk/commits/v1.10.x). Version-Release number of selected component (if applicable): operator-sdk version: "v1.10.1-ocp", commit: "0d49c0a295d30a25aa7b558a0597d0a9a199fa59", kubernetes version: "v1.21", go version: "go1.16.6", GOOS: "linux", GOARCH: "amd64" How reproducible: always Steps to Reproduce: $ operator-sdk version operator-sdk version: "v1.10.1-ocp", commit: "0d49c0a295d30a25aa7b558a0597d0a9a199fa59", kubernetes version: "v1.21", go version: "go1.16.6", GOOS: "linux", GOARCH: "amd64" $ operator-sdk scorecard -h Actual results: $ operator-sdk scorecard -h Has flags to configure dsl, bundle, and selector. This command takes one argument, either a bundle image or directory containing manifests and metadata. If the argument holds an image tag, it must be present remotely. Usage: operator-sdk scorecard [flags] Flags: -c, --config string path to scorecard config file -h, --help help for scorecard --kubeconfig string kubeconfig path -L, --list Option to enable listing which tests are run -n, --namespace string namespace to run the test images in -o, --output string Output format for results. Valid values: text, json, xunit (default "text") -l, --selector string label selector to determine which tests are run -s, --service-account string Service account to use for tests (default "default") -x, --skip-cleanup Disable resource cleanup after tests are run -w, --wait-time duration seconds to wait for tests to complete. Example: 35s (default 30s) Global Flags: --plugins strings plugin keys to be used for this subcommand execution --verbose Enable verbose logging Expected results: $ operator-sdk scorecard -h Has flags to configure dsl, bundle, and selector. This command takes one argument, either a bundle image or directory containing manifests and metadata. If the argument holds an image tag, it must be present remotely. Usage: operator-sdk scorecard [flags] Flags: -c, --config string path to scorecard config file -h, --help help for scorecard --kubeconfig string kubeconfig path -L, --list Option to enable listing which tests are run -n, --namespace string namespace to run the test images in -o, --output string Output format for results. Valid values: text, json, xunit (default "text") -l, --selector string label selector to determine which tests are run -s, --service-account string Service account to use for tests (default "default") -x, --skip-cleanup Disable resource cleanup after tests are run -t, --test-output string Test output directory. (default "test-output") -w, --wait-time duration seconds to wait for tests to complete. Example: 35s (default 30s) Global Flags: --plugins strings plugin keys to be used for this subcommand execution --verbose Enable verbose logging Additional info:
Moving this to 4.10 as the feature did not get pulled into 1.10. It is available upstream starting with operator-sdk v1.11.
Lowered the severity since this is no longer urgent for 4.9. I did make it a blocker for 4.10
The premerge PR with v1.15.0 contains support for scorecard storage. https://github.com/openshift/ocp-release-operator-sdk/pull/183 Please verify this bug against that PR.
Verified. operator-sdk version: "v1.15.0-ocp", commit: "26bfc013ee8721a1cbf037babab04ed8b769483f", kubernetes version: "v1.21", go version: "go1.17.4", GOOS: "linux", GOARCH: "amd64" $ operator-sdk scorecard -h Has flags to configure dsl, bundle, and selector. This command takes one argument, either a bundle image or directory containing manifests and metadata. If the argument holds an image tag, it must be present remotely. Usage: operator-sdk scorecard [flags] Flags: -c, --config string path to scorecard config file -h, --help help for scorecard --kubeconfig string kubeconfig path -L, --list Option to enable listing which tests are run -n, --namespace string namespace to run the test images in -o, --output string Output format for results. Valid values: text, json, xunit (default "text") -l, --selector string label selector to determine which tests are run -s, --service-account string Service account to use for tests (default "default") -x, --skip-cleanup Disable resource cleanup after tests are run -b, --storage-image string Storage image to be used by the Scorecard pod (default "docker.io/library/busybox@sha256:c71cb4f7e8ececaffb34037c2637dc86820e4185100e18b4d02d613a9bd772af") -t, --test-output string Test output directory. (default "test-output") -u, --untar-image string Untar image to be used by the Scorecard pod (default "registry.access.redhat.com/ubi8@sha256:910f6bc0b5ae9b555eb91b88d28d568099b060088616eba2867b07ab6ea457c7") -w, --wait-time duration seconds to wait for tests to complete. Example: 35s (default 30s)
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056