Bug 2034879 - Lifecycle hook's name and owner shouldn't be allowed to be empty
Summary: Lifecycle hook's name and owner shouldn't be allowed to be empty
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cloud Compute
Version: 4.10
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: ---
: 4.10.0
Assignee: Joel Speed
QA Contact: sunzhaohua
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-12-22 11:18 UTC by sunzhaohua
Modified: 2022-03-12 04:40 UTC (History)
0 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-12 04:39:45 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift api pull 1089 0 None open Bug 2034879: Ensure name and owner are required within lifecycle hooks 2021-12-22 12:19:36 UTC
Github openshift machine-api-operator pull 973 0 None open Bug 2034879: Enforce unique names for lifecycle hooks via webhooks 2021-12-22 13:09:04 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-12 04:40:00 UTC

Description sunzhaohua 2021-12-22 11:18:20 UTC
Description of problem:
Lifecycle hook's name and owner shouldn't be allowed to be empty, and the names shouldn't be allowed to be same.

Version-Release number of selected component (if applicable):
4.10.0-0.ci-2021-12-21-093033

How reproducible:
Always

Steps to Reproduce:
1. Set lifecycle hook name as empty
  lifecycleHooks:
    preDrain:
    - name:                       ---->>name is empty                        
      owner: drain-controller1
2. Set lifecycle hook owner as empty
  lifecycleHooks:
    preDrain:
    - name: drain1
      owner:                      ---->>owner is empty
3. Set lifecycle hook names as same
  lifecycleHooks:
    preDrain:
    - name: drain1               ---->>names are same               
      owner: drain-controller1
    - name: drain1
      owner: drain-controller2

Actual results:
Machine could be updated successfully.
  conditions:
  - lastTransitionTime: "2021-12-22T09:08:58Z"
    message: 'Drain operation currently blocked by: [{Name: Owner:drain-controller1}]'
    reason: HookPresent
    severity: Warning
    status: "False"
    type: Drainable
  - lastTransitionTime: "2021-12-22T08:35:07Z"
    status: "True"
    type: InstanceExists
  - lastTransitionTime: "2021-12-22T09:03:37Z"
    status: "True"
    type: Terminable

  conditions:
  - lastTransitionTime: "2021-12-22T09:11:06Z"
    message: 'Drain operation currently blocked by: [{Name:drain1 Owner:}]'
    reason: HookPresent
    severity: Warning
    status: "False"
    type: Drainable
  - lastTransitionTime: "2021-12-22T08:35:07Z"
    status: "True"
    type: InstanceExists
  - lastTransitionTime: "2021-12-22T09:03:37Z"
    status: "True"
    type: Terminable

  conditions:
  - lastTransitionTime: "2021-12-22T09:22:15Z"
    message: 'Drain operation currently blocked by: [{Name:drain1 Owner:drain-controller1} {Name:drain1 Owner:drain-controller2}]'
    reason: HookPresent
    severity: Warning
    status: "False"
    type: Drainable
  - lastTransitionTime: "2021-12-22T08:35:07Z"
    status: "True"
    type: InstanceExists
  - lastTransitionTime: "2021-12-22T09:03:37Z"
    status: "True"
    type: Terminable

Expected results:
Should print warning or error message.

Additional info:
https://issues.redhat.com/browse/OCPCLOUD-1348

Comment 2 sunzhaohua 2021-12-24 07:25:42 UTC
Verified
Clusterversion: 4.10.0-0.nightly-2021-12-24-011849

set lifecycle hook name as empty
# * spec.lifecycleHooks.preDrain.name: Required value

set lifecycle hook owner as empty
# * spec.lifecycleHooks.preDrain.owner: Required value

Set lifecycle hook names as same
  lifecycleHooks:
    preDrain:
    - name: drain1               ---->>names are same               
      owner: drain-controller1
    - name: drain1
      owner: drain-controller2
$ oc edit machine zhsun24-6vt7l-worker-us-east-2c-kwnt4                                             
error: machines.machine.openshift.io "zhsun24-6vt7l-worker-us-east-2c-kwnt4" could not be patched: admission webhook "validation.machine.machine.openshift.io" denied the request: spec.lifecycleHooks.preDrain[1].name: Forbidden: hook names must be unique within a lifecycle stage, the following hook name is already set: drain1

Comment 6 errata-xmlrpc 2022-03-12 04:39:45 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056


Note You need to log in before you can comment on or make changes to this bug.