Bug 2044496 - Unable to create hardware events subscription - failed to add finalizers
Summary: Unable to create hardware events subscription - failed to add finalizers
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Bare Metal Hardware Provisioning
Version: 4.10
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.10.0
Assignee: Honza Pokorny
QA Contact: Ori Michaeli
Depends On:
TreeView+ depends on / blocked
Reported: 2022-01-24 17:12 UTC by Ori Michaeli
Modified: 2022-03-10 16:42 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2022-03-10 16:42:18 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift baremetal-operator pull 201 0 None open Bug 2044496: Make bmc subscription validator less aggressive 2022-01-25 12:47:37 UTC
Github openshift baremetal-operator pull 202 0 None open Bug 2044496: Update vendor 2022-01-27 14:53:54 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:42:34 UTC

Description Ori Michaeli 2022-01-24 17:12:13 UTC
Description of problem:

Creation of subscription looks good but when checking the BMC no subscription were created.

Output of metal3 pod logs:

"level":"error","ts":1643035823.766456,"logger":"controller.bmceventsubscription","msg":"Reconciler error","reconciler group":"metal3.io","reconciler kind":"BMCEventSubscription","name":"sub-01","namespace":"openshift-machine-api","error":"failed add finalizer: failed to add finalizer: admission webhook \"bmceventsubscription.metal3.io\" denied the request: subscriptions cannot be updated, please recreate it"

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Create a new HW events subscription.
2. Check that a subscription were created through the BMC API

Actual results:
Subscription creation failed.

Expected results:
Subscription creation succeeded.

Additional info:

Comment 1 Honza Pokorny 2022-01-24 17:35:43 UTC
This is caused by an overzealous update validator webhook.  A fix is already proposed upstream:


Comment 8 Ori Michaeli 2022-02-03 21:52:34 UTC
Verified with 4.10.0-0.nightly-2022-02-02-220834

Comment 10 errata-xmlrpc 2022-03-10 16:42:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.