Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: ACM 2.10.3
Affects Version/s: None
Component/s: GRC
Labels:
None

Story Points:
2
Blocked:
False
Blocked Reason:
None
Ready:
False
Intelligence Requested:
Market:

Sprint:
GRC Sprint 2024-05, GRC Sprint 2024-06
Severity:
Moderate

Regression:
No

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Description of problem:

It seems that when there are multiple "constraints not satisfiable" messages, the order of those messages is not deterministic in the subscription. So every OLM reconcile causes the status to update, which causes an operator policy compliance event. This can be an infinite loop with only the OLM controller-runtime reconcile queue's backoff mechanism providing any relief.

See this operator policy message:

the policy spec is valid, the policy does not specify an OperatorGroup but one already exists in the namespace - assuming that OperatorGroup is correct, constraints not satisfiable: redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.3-0.1655383639.p, @existing/openshift-operators//gatekeeper-operator-product.v3.11.1, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.2, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v3.11.1, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.6-0.1697738427.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.5-0.1683051284.p and redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.4-0.1666670065.p provide Gatekeeper (operator.gatekeeper.sh/v1alpha1), clusterserviceversion gatekeeper-operator-product.v3.11.1 exists and is not referenced by a subscription, subscription gatekeeper-operator-product requires at least one of redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v3.11.1, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.6-0.1697738427.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.5-0.1683051284.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.4-0.1666670065.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.3-0.1655383639.p or redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.2, subscription gatekeeper-operator-product exists, there are no relevant InstallPlans in the namespace, A relevant installed ClusterServiceVersion could not be found, The ClusterServiceVersion is missing, thus meaning there are no relevant deployments, CatalogSource was found

Here is the alternate order:

the policy spec is valid, the policy does not specify an OperatorGroup but one already exists in the namespace - assuming that OperatorGroup is correct, constraints not satisfiable: clusterserviceversion gatekeeper-operator-product.v3.11.1 exists and is not referenced by a subscription, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.4-0.1666670065.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.3-0.1655383639.p, @existing/openshift-operators//gatekeeper-operator-product.v3.11.1, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.2, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v3.11.1, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.6-0.1697738427.p and redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.5-0.1683051284.p originate from package gatekeeper-operator-product, subscription gatekeeper-operator-product requires at least one of redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v3.11.1, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.6-0.1697738427.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.5-0.1683051284.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.4-0.1666670065.p, redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.3-0.1655383639.p or redhat-operators/openshift-marketplace/stable/gatekeeper-operator-product.v0.2.2, subscription gatekeeper-operator-product exists, there are no relevant InstallPlans in the namespace, A relevant installed ClusterServiceVersion could not be found, The ClusterServiceVersion is missing, thus meaning there are no relevant deployments, CatalogSource was found

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

Actual results:

A flood of compliance events.

Expected results:

A change in order should not cause a compliance message change.

Additional info:

links to

RHBA-2024:130865 Red Hat Advanced Cluster Management 2.10.3 bug fixes and container updates

Assignee:: Jeffrey Luo (Inactive)

Reporter:: Matthew Prahl

QA Contact:: Derek Ho

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2024/02/29 9:03 PM

Updated:: 2024/05/13 8:55 PM

Resolved:: 2024/05/07 6:13 PM

Details

Description

Description of problem:

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

Actual results:

Expected results:

Additional info:

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates