Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-15052

Policy ignore multiple object-template for same object

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • None
    • Governance
    • None
    • False
    • None
    • False
    • None

      Description of problem:

      Creating a Policy with more than one object-template that points to the same CR works wrongly.

      The Policy tries to do two things over the same object. Here the `master` MCP:

      > oc -n vsno7 get policy ztp-site.sno7-tune-mcp
      NAME                     REMEDIATION ACTION   COMPLIANCE STATE   AGE
      ztp-site.sno7-tune-mcp   inform               Compliant          111s
      > oc -n vsno7 get policy ztp-site.sno7-tune-mcp -o yaml |  yq ' . | select( .kind == "Policy" ) | .spec.policy-templates[0].objectDefinition.spec.object-templates'
      - complianceType: musthave
        objectDefinition:
          apiVersion: machineconfiguration.openshift.io/v1
          kind: MachineConfigPool
          metadata:
            name: master
          spec:
            paused: true
      - complianceType: musthave
        objectDefinition:
          apiVersion: machineconfiguration.openshift.io/v1
          kind: MachineConfigPool
          metadata:
            name: master
          spec:
            maxUnavailable: 75% 

      The Policy appears as `compliant` 

      > oc -n vsno7 get policy ztp-site.sno7-tune-mcp
      NAME                     REMEDIATION ACTION   COMPLIANCE STATE   AGE
      ztp-site.sno7-tune-mcp   inform               Compliant          111s 

      but it is actually not, because the object has been applied only with the first object-templae:

      [jgato@provisioner ~]$ oc get mcp master -o yaml | grep paused
        paused: true
      [jgato@provisioner ~]$ oc get mcp master -o yaml | grep maxUnavailable
      [jgato@provisioner ~]$  

      only the first object-template is honored. But the whole Policy appears Compliant.

      Version-Release number of selected component (if applicable):

      2.11

      How reproducible:

      create a Policy with serveral object-templates to modify the same object.

      Steps to Reproduce:

      1.  
      2.  
      3. ...

      Actual results:

      Expected results:

      Additional info:

              Unassigned Unassigned
              jgato@redhat.com Jose Gato Luis
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: