Description of problem: Cluster kind should be valid Version-Release number of selected component (if applicable): 4.12.0-0.nightly-2022-08-08-143443 How reproducible: Always Steps to Reproduce: 1. Enable capi by featuregate 2. Create a cluster resource with invalid or empty kind apiVersion: cluster.x-k8s.io/v1beta1 kind: Cluster metadata: name: zhsunupi-h8wbm namespace: openshift-cluster-api spec: infrastructureRef: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: "invalid" name: zhsunupi-h8wbm namespace: openshift-cluster-api 3. Check the created cluster 4. Delete cluster $ oc delete cluster zhsunupi-h8wbm cluster.cluster.x-k8s.io "zhsunupi-h8wbm" deleted ^C Actual results: Cluster was created successful, and couldn't be deleted. $ oc get cluster NAME PHASE AGE VERSION zhsunupi-h8wbm Deleting 5m12s spec: infrastructureRef: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: "" name: zhsunaws3-mptzl namespace: openshift-cluster-api status: conditions: - lastTransitionTime: "2022-08-09T06:24:43Z" status: "True" type: ControlPlaneInitialized observedGeneration: 1 phase: Deleting Expected results: Cluster couldn't be created if kind is invalid or empty. Additional info:
As far as I'm aware we don't actually use these fields, but it would be good to validate them and make sure they are correct, for example, it should be an AWSCluster on AWS.
i have not had a chance to investigate this yet, hoping to get some time during this sprint.
handing this to Mike Fedosin
Hey! I added more webhooks and also activated the previous ones in this PR: https://github.com/openshift/cluster-capi-operator/pull/85
Hi Mike, I tested before pr merge, these all work as expected. Just one thing want to confirm, cluster can be created more than one, is this ok? $ oc get cluster NAME PHASE AGE VERSION ci-ln-kv1gj4b-72292-jn4rw Provisioning 19m ci-ln-kv1gj4b-72292-jn4rw-1 Provisioning 7s $ oc create -f ~/data/capi/gcp-cluster.yaml Error from server (unsupported cluster infra provider kind: GCPCluster-invalid): error when creating "/Users/sunzhaohua/data/capi/gcp-cluster.yaml": admission webhook "validation.cluster.cluster.x-k8s.io" denied the request: unsupported cluster infra provider kind: GCPCluster-invalid $ oc delete cluster ci-ln-kv1gj4b-72292-jn4rw Error from server (deletion of cluster is not allowed): admission webhook "validation.cluster.cluster.x-k8s.io" denied the request: deletion of cluster is not allowed $ oc create -f coreprovider.yaml Error from server (incorrect core provider name: cluster-api2): error when creating "coreprovider.yaml": admission webhook "vcoreprovider.operator.cluster.x-k8s.io" denied the request: incorrect core provider name: cluster-api2 $ oc delete CoreProvider cluster-api Error from server (deletion of core provider is not allowed): admission webhook "vcoreprovider.operator.cluster.x-k8s.io" denied the request: deletion of core provider is not allowed $ oc create -f infrastructureprovider-gcp.yaml Error from server (incorrect infra provider name for GCP platform: gcp2): error when creating "infrastructureprovider-gcp.yaml": admission webhook "vinfrastructureprovider.operator.cluster.x-k8s.io" denied the request: incorrect infra provider name for GCP platform: gcp2 $ oc delete infraStructureProvider gcp Error from server (deletion of infrastructure provider is not allowed): admission webhook "vinfrastructureprovider.operator.cluster.x-k8s.io" denied the request: deletion of infrastructure provider is not allowed
Move to verified, created a new bug to trace the cluster issue https://issues.redhat.com/browse/OCPBUGS-4147
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.13.0 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:1326