-
Bug
-
Resolution: Done
-
Major
-
compliance-operator-1.4.0
-
False
-
None
-
False
-
-
-
Moderate
ISSUE: ocp4-cis-api-server-api-priority-gate-enabled rule is failing even if APIPriorityAndFairness enabled.
Description:
As per the first rule "ocp4-cis-api-server-api-priority-gate-enabled " it will check "APIPriorityAndFairness=true" value in kube-apiserver CR.
- oc get kubeapiservers.operator.openshift.io cluster -o json | jq '.spec.observedConfig.apiServerArguments["feature-gates"]'
As this parameter enabled in code itself and its only reflected in logs and metrics.
Ideally we need to modify the rule to check this parameter in metrics.
kubernetes_feature_enabled
{name="APIPriorityAndFairness"}- links to
-
RHBA-2024:1830 OpenShift Compliance Operator bug fix and enhancement update
- mentioned on
(1 mentioned on)