Description of problem: The sample pod template fails because a security context is missing and was defined by the security admission controller. It is now enabled by default in OpenShift. https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted Error: # CRD extensions.ConsoleExternalLogLink CRD.creates a new test pod to display the ConsoleExternalLogLink instance Error: Timeout - Async callback was not invoked within timeout specified by jasmine.DEFAULT_TIMEOUT_INTERVAL. Failing tests: https://search.ci.openshift.org/?search=ConsoleExternalLogLink+CRD&maxAge=168h&context=1&type=junit&name=pull-ci-openshift-console-master-e2e-gcp-console&excludeName=&maxMatches=5&maxBytes=20971520&groupBy=job Current matched: 214 runs, 72% failed, 33% of failures match = 24% impact CI history: https://prow.ci.openshift.org/?repo=openshift%2Fconsole&job=pull-ci-openshift-console-master-e2e-gcp-console Success rate over time: 3h0s: 0%, 12h0s: 14%, 48h0s: 10% Version-Release number of selected component (if applicable): 4.12
Created attachment 1903201 [details] Screenshot of Creat Pod YAML on 4.12
The bug is verified on: 4.12.0-0.nightly-2022-08-01-151317, the version the screenshot is taken on. The PR is mergerd `5` days ago, and the search link restricts the search for log `ConsoleExternalLogLink CRD` to `2` days, finding ``` 76 runs, 61% failed, 4% of failures match = 3% impact ``` and two failures. Among the two failures, there only one ``` https://search.ci.openshift.org/?search=ConsoleExternalLogLink+CRD&maxAge=48h&context=1&type=junit&name=pull-ci-openshift-console-master-e2e-gcp-console&excludeName=&maxMatches=5&maxBytes=20971520&groupBy=job#:~:text=%231554236630359871488 ``` concerned with error: ``` # CRD extensions.ConsoleExternalLogLink CRD.displays YAML editor for creating a new ConsoleExternalLogLink instance and creates it Error: Timeout - Async callback was not invoked within timeout specified by jasmine.DEFAULT_TIMEOUT_INTERVAL. ``` which is the same cause as the bug. By contrast, the job failures roughly 100 times in the last `7` days: ``` https://search.ci.openshift.org/?search=ConsoleExternalLogLink+CRD&maxAge=168h&context=1&type=junit&name=pull-ci-openshift-console-master-e2e-gcp-console&excludeName=&maxMatches=5&maxBytes=20971520&groupBy=job ``` Also, I manually tested as the screenshot shows. There is no warnings when creating pods any more.
Correction: After further investigation on logs https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/batch/pull-ci-openshift-console-master-e2e-gcp-console/1554236630359871488#1:build-log.txt%3A418 From line 418 to line 429 ``` 33) ConsoleExternalLogLink CRD A Jasmine spec timed out. Resetting the WebDriver Control Flow. A Jasmine spec timed out. Resetting the WebDriver Control Flow. A Jasmine spec timed out. Resetting the WebDriver Control Flow. ✖ displays YAML editor for creating a new ConsoleExternalLogLink instance and creates it (3 failures) • displays detail view for ConsoleExternalLogLink instance • creates a new test pod to display the ConsoleExternalLogLink instance • displays the ConsoleExternalLogLink instance on the test pod • displays YAML editor for adding namespaceFilter to the ConsoleExternalLogLink instance • does not display the ConsoleExternalLogLink instance on the test pod • deletes the test pod • deletes the ConsoleExternalLogLink instance ``` The failure of `displays YAML editor for creating a new ConsoleExternalLogLink instance and creates it` precedes `displays the ConsoleExternalLogLink instance on the test pod`. Thus this is a different cause from the bug. This means the job has no failure in the past two days.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.12.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:7399