Description of problem: Du validator policies stays as NonCompliant after DU configuration is completed. Version-Release number of selected component (if applicable): 4.10 nightly How reproducible: 100% Steps to Reproduce: 1. Enable du validator policy in common PGT 2. Deploy and configure a sno using ZTP 3. Check ACM policies Actual results: Du validator policy is nonCompliant. Seen following error in policy complaining "machineconfigpools not found": - eventName: ztp-common.common-du-validator-policy.16c1b5e092c63925 lastTimestamp: "2021-12-18T01:41:55Z" message: 'NonCompliant; violation - machineconfigpools not found: [master] found but not as specified; notification - deployments [sriov-network-operator] in namespace openshift-sriov-network-operator found as specified, therefore this Object template is compliant; notification - sriovnetworknodestates [helix21-sno-3-0] in namespace openshift-sriov-network-operator found as specified, therefore this Object template is compliant; notification - deployments [ptp-operator] in namespace openshift-ptp found as specified, therefore this Object template is compliant; notification - deployments [performance-operator] in namespace openshift-performance-addon-operator found as specified, therefore this Object template is compliant; notification - performanceprofiles [openshift-node-performance-profile] found as specified, therefore this Object template is compliant; notification - deployments [kube-apiserver-operator] in namespace openshift-kube-apiserver-operator found as specified, therefore this Object template is compliant; notification - pods [kube-apiserver-helix21-sno-3-0] in namespace openshift-kube-apiserver found as specified, therefore this Object template is compliant' Expected results: All policies should be compliant after du deployment succeeded Additional info:
Verified on 4.10 fc.2 with ztp container image built from master.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056