Description of problem (please be detailed as possible and provide log snippests): rook - Deprecated 1.25 API call {'kind': 'Event', 'apiVersion': 'audit.k8s.io/v1', 'level': 'Metadata', 'auditID': '040e98f5-d0ad-4506-973c-affb38656739', 'stage': 'ResponseComplete', 'requestURI': '/apis/batch/v1beta1/namespaces/openshift-storage/cronjobs/rook-ceph-crashcollector-pruner', 'verb': 'delete', 'user': {'username': 'system:serviceaccount:openshift-storage:rook-ceph-system', 'uid': '2bdf7743-86be-4a50-bb1e-2cacb378929d', 'groups': ['system:serviceaccounts', 'system:serviceaccounts:openshift-storage', 'system:authenticated'], 'extra': {'authentication.kubernetes.io/pod-name': ['rook-ceph-operator-58fcc48878-lsz79'], 'authentication.kubernetes.io/pod-uid': ['401922bf-a9cf-4c86-baa0-ddf15311b7ab']}}, 'sourceIPs': ['192.168.2.41'], 'userAgent': 'rook/v0.0.0 (linux/amd64) kubernetes/$Format', 'objectRef': {'resource': 'cronjobs', 'namespace': 'openshift-storage', 'name': 'rook-ceph-crashcollector-pruner', 'apiGroup': 'batch', 'apiVersion': 'v1beta1'}, 'responseStatus': {'metadata': {}, 'status': 'Failure', 'reason': 'NotFound', 'code': 404}, 'requestReceivedTimestamp': '2022-04-28T08:34:34.266253Z', 'stageTimestamp': '2022-04-28T08:34:34.271390Z', 'annotations': {'authorization.k8s.io/decision': 'allow', 'authorization.k8s.io/reason': 'RBAC: allowed by ClusterRoleBinding "ocs-operator.v4.10.1-f6dd8859" of ClusterRole "ocs-operator.v4.10.1-f6dd8859" to ServiceAccount "rook-ceph-system/openshift-storage"', 'k8s.io/deprecated': 'true', 'k8s.io/removed-release': '1.25'}} Version of all relevant components (if applicable): $ oc get csv -n openshift-storage --show-labels=true NAME DISPLAY VERSION REPLACES PHASE LABELS mcg-operator.v4.10.1 NooBaa Operator 4.10.1 mcg-operator.v4.10.0 Succeeded operators.coreos.com/mcg-operator.openshift-storage= ocs-operator.v4.10.1 OpenShift Container Storage 4.10.1 ocs-operator.v4.10.0 Succeeded full_version=4.10.1-3,operatorframework.io/arch.amd64=supported,operatorframework.io/arch.ppc64le=supported,operatorframework.io/arch.s390x=supported,operators.coreos.com/ocs-operator.openshift-storage= odf-operator.v4.10.1 OpenShift Data Foundation 4.10.1 odf-operator.v4.10.0 Succeeded full_version=4.10.1-2,operatorframework.io/arch.amd64=supported,operatorframework.io/arch.ppc64le=supported,operatorframework.io/arch.s390x=supported,operators.coreos.com/odf-operator.openshift-storage= Does this issue impact your ability to continue to work with the product (please explain in detail what is the user impact)? Is there any workaround available to the best of your knowledge? Rate from 1 - 5 the complexity of the scenario you performed that caused this bug (1 - very simple, 5 - very complex)? Can this issue reproducible? Can this issue reproduce from the UI? If this is a regression, please provide more details to justify this: Steps to Reproduce: Get depreacted api calls: 1. get audit logs - oc adm node-logs --role=master --path=kube-apiserver | grep audit 2. look for deprecated calls in each log, for example: oc adm node-logs c01-rn411-old-dp7mm-master-0 --path=kube-apiserver/audit-2022-04-28T04-41-14.820.log | grep '"k8s.io/deprecated":"true"' Actual results: Expected results: Additional info:
Rook stopped using the v1beta1 cronjob for the crash collector pruner a long time ago, the fix certainly would have been in 4.10. https://github.com/rook/rook/pull/8114 Subham please take a look to see if the v1beta1 cronjob might still be used somewhere.
This is expected since, before creating v1 resources for cronJOb we delete v1beta1 that's why we are seeing this warning and in the warning also we can confirm that it is coming for delete only `'verb': 'delete'` as expected. So, I think we can close this BZ if we agree.
Agreed, this is expected since it's just a delete command. Rook only creates the v1 CronJob in newer versions, so we're not using any deprecated resources.