Bug 2060322 - Add RBAC for 'infrastructures' to operator bundle
Summary: Add RBAC for 'infrastructures' to operator bundle
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.10
Hardware: Unspecified
OS: Unspecified
medium
high
Target Milestone: ---
: 4.10.z
Assignee: Balazs Nemeth
QA Contact: zhaozhanqi
URL:
Whiteboard:
Depends On: 2062151
Blocks: 2059292
TreeView+ depends on / blocked
 
Reported: 2022-03-03 10:23 UTC by Balazs Nemeth
Modified: 2022-05-31 12:40 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-05-31 12:40:03 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift sriov-network-operator pull 639 0 None open Bug 2060322: Add RBAC for 'infrastructures' to operator bundle @pliurh @bn222 2022-03-09 10:08:56 UTC
Red Hat Product Errata RHBA-2022:4754 0 None None None 2022-05-31 12:40:30 UTC

Description Balazs Nemeth 2022-03-03 10:23:35 UTC 
This bug was initially created as a copy of Bug #2059292

I am copying this bug because: 



Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
git clone https://github.com/openshift/sriov-network-operator/
git checkoout release-4.10
make deploy-setup


Actual results:

[root@wsfd-netdev92 sriov-network-operator]# oc get all -n openshift-sriov-network-operator
NAME                                          READY   STATUS             RESTARTS       AGE
pod/sriov-network-operator-84c89f556d-5pzbl   0/1     CrashLoopBackOff   38 (20s ago)   175m

NAME                                     READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/sriov-network-operator   0/1     1            0           175m

NAME                                                DESIRED   CURRENT   READY   AGE
replicaset.apps/sriov-network-operator-84c89f556d   1         1         0       175m


[root@wsfd-netdev92 sriov-network-operator]# oc logs pod/sriov-network-operator-84c89f556d-5pzbl -n openshift-sriov-network-operator
I0228 16:39:15.933049       1 request.go:655] Throttling request took 1.035266379s, request: GET:https://172.30.0.1:443/apis/metal3.io/v1alpha1?timeout=32s
2022-02-28T16:39:19.495Z        INFO    controller-runtime.metrics      metrics server is starting to listen      {"addr": ":8080"}
2022-02-28T16:39:21.812Z        ERROR   setup   unable to create default SriovOperatorConfig    {"error": "Couldn't get cluster single node status: infrastructures.config.openshift.io \"cluster\" is forbidden: User \"system:serviceaccount:openshift-sriov-network-operator:sriov-network-operator\" cannot get resource \"infrastructures\" in API group \"config.openshift.io\" at the cluster scope"}
github.com/go-logr/zapr.(*zapLogger).Error
        /go/src/github.com/k8snetworkplumbingwg/sriov-network-operator/vendor/github.com/go-logr/zapr/zapr.go:132
sigs.k8s.io/controller-runtime/pkg/log.(*DelegatingLogger).Error
        /go/src/github.com/k8snetworkplumbingwg/sriov-network-operator/vendor/sigs.k8s.io/controller-runtime/pkg/log/deleg.go:144
main.main
        /go/src/github.com/k8snetworkplumbingwg/sriov-network-operator/main.go:170
runtime.main
        /usr/lib/golang/src/runtime/proc.go:255

Expected results:
Everything should work

Additional info:
Potential missing backport of RBAC infra to operator
Comment 4 zhaozhanqi 2022-05-26 07:01:20 UTC 
Verified this bug on 4.10.0-202205251117
Comment 6 errata-xmlrpc 2022-05-31 12:40:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.10.16 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:4754
Note You need to log in before you can comment on or make changes to this bug.