Bug 2034300 - Du validator policy is NonCompliant after DU configuration completed
Summary: Du validator policy is NonCompliant after DU configuration completed
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Telco Edge
Version: 4.10
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.10.0
Assignee: Angie Wang
QA Contact: yliu1
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-12-20 15:56 UTC by yliu1
Modified: 2022-03-10 16:35 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:35:23 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift-kni cnf-features-deploy pull 876 0 None open Bug 2034300: ztp: Fix the name issue in validator source cr 2021-12-21 18:57:42 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:35:35 UTC

Description yliu1 2021-12-20 15:56:04 UTC 
Description of problem:
Du validator policies stays as NonCompliant after DU configuration is completed. 

Version-Release number of selected component (if applicable):
4.10 nightly


How reproducible:
100%


Steps to Reproduce:
1. Enable du validator policy in common PGT
2. Deploy and configure a sno using ZTP
3. Check ACM policies

Actual results:
Du validator policy is nonCompliant. 
Seen following error in policy complaining "machineconfigpools not found":

    - eventName: ztp-common.common-du-validator-policy.16c1b5e092c63925
      lastTimestamp: "2021-12-18T01:41:55Z"
      message: 'NonCompliant; violation - machineconfigpools not found: [master] found
        but not as specified; notification - deployments [sriov-network-operator]
        in namespace openshift-sriov-network-operator found as specified, therefore
        this Object template is compliant; notification - sriovnetworknodestates [helix21-sno-3-0]
        in namespace openshift-sriov-network-operator found as specified, therefore
        this Object template is compliant; notification - deployments [ptp-operator]
        in namespace openshift-ptp found as specified, therefore this Object template
        is compliant; notification - deployments [performance-operator] in namespace
        openshift-performance-addon-operator found as specified, therefore this Object
        template is compliant; notification - performanceprofiles [openshift-node-performance-profile]
        found as specified, therefore this Object template is compliant; notification
        - deployments [kube-apiserver-operator] in namespace openshift-kube-apiserver-operator
        found as specified, therefore this Object template is compliant; notification
        - pods [kube-apiserver-helix21-sno-3-0] in namespace openshift-kube-apiserver
        found as specified, therefore this Object template is compliant'


Expected results:
All policies should be compliant after du deployment succeeded


Additional info:
Comment 2 yliu1 2022-02-01 17:56:04 UTC 
Verified on 4.10 fc.2 with ztp container image built from master.
Comment 5 errata-xmlrpc 2022-03-10 16:35:23 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056
Note You need to log in before you can comment on or make changes to this bug.