Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-31932

openshift-marketplace operators forbidden securityContext.seLinuxOptions

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • 4.12.z
    • OLM
    • None
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      After upgrade to 4.12, openshift-marketplace operators (at least community-operator) cannot be recreated after deletion, with Datalog installed.

      Version-Release number of selected component (if applicable):

          4.12.33

      How reproducible:

          4.12 Cluster with Datadog installed. The SCC contains:

 SELinux Context Strategy: MustRunAs
    User:                                       system_u
    Role:                                       system_r
    Type:                                       spc_t
    Level:                                      s0

      Steps to Reproduce:

          1. Delete community-operator pod with Datadog installed, or an SCC with above `seLinuxOptions`

      Actual results:

          pod cannot recreated

      Expected results:

          pod should be recreated.
    The Datadog SCC (or customer's custom SCCs) should not affect cluster life.

      Additional info:

      OCPBUGS-20347 was mentioning the upgrade stuck, but even out of the upgrade, we should support pod deletion without having to temporarily delete the SCC which is not an acceptable solution in that case (https://access.redhat.com/solutions/7027371)

            krizza@redhat.com Kevin Rizza
            clacombe.openshift Christophe LACOMBE
            Jian Zhang Jian Zhang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: