Description of problem: Upgrade between 4.10 versions fails if the cluster has custom SCCs Version-Release number of the following components: How reproducible: Add an additional SCC with `privileged` set to true: ``` NAME PRIV CAPS SELINUX RUNASUSER FSGROUP SUPGROUP PRIORITY READONLYROOTFS VOLUMES syn-cluster-backup-etcd true [] MustRunAs RunAsAny MustRunAs RunAsAny <no value> true ["configMap","downwardAPI","emptyDir","hostPath","projected","secret"] ``` Actual results: Please include the entire output from the last TASK line through the end of output if an error is generated Expected results: The cluster-version-operator should explicitly set `readOnlyRootFilesystem: false` or the upgrade script must tolerate readOnlyRootFilesystem. https://github.com/openshift/cluster-version-operator/blob/cb3a00c9f5e2ca00f24f9664b7e7cfbe0807748e/pkg/cvo/updatepayload.go#L183 ~~~ container.SecurityContext = &corev1.SecurityContext{ Privileged: pointer.BoolPtr(true), ReadOnlyRootFilesystem: pointer.BoolPtr(false), } ~~~ Additional info: $ kubectl -n openshift-cluster-version logs version-4.10.12-wsspr-k88qw mv: cannot remove '/manifests/0000_00_cluster-version-operator_00_namespace.yaml': Read-only file system mv: inter-device move failed: '/manifests' to '/etc/cvo/updatepayloads/4ENFMGrGePMHpleO-OWNaQ/manifests/manifests'; unable to remove target: Directory not empty
*** This bug has been marked as a duplicate of bug 2110590 ***