The installer on openstack platform creates a security group rule that it does not need.
The master_ingress_cluster_policy_controller security group rule was initially introduced with 2636aef  but later reverted with a7040d4 . It was then re-introduced by mistake with 40febcf .
We should remove the unneeded rule.
Verified on ocp4.12.0-0.nightly-2022-07-27-133042 on top of RHOS-16.2-RHEL-8-20220610.n.1
(shiftstack) [stack@undercloud-0 ~]$ oc get clusterversion
NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
version 4.12.0-0.nightly-2022-07-27-133042 True False 43s Cluster version is 4.12.0-0.nightly-2022-07-27-133042
(shiftstack) [stack@undercloud-0 ~]$ openstack security group show ostest-5w6hf-master -c rules -f json | jq '.rules | select(.port_range_min==10357)'
(shiftstack) [stack@undercloud-0 ~]$
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (Moderate: OpenShift Container Platform 4.12.0 bug fix and security update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.