Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-31932

openshift-marketplace operators forbidden securityContext.seLinuxOptions

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Normal Normal
    • None
    • 4.12.z
    • OLM
    • Moderate
    • No
    • Umbridge OLM Sprint 255
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      After upgrade to 4.12, openshift-marketplace operators (at least community-operator) cannot be recreated after deletion, with Datalog installed.

      Version-Release number of selected component (if applicable):

          4.12.33

      How reproducible:

          4.12 Cluster with Datadog installed. The SCC contains:

 SELinux Context Strategy: MustRunAs
    User:                                       system_u
    Role:                                       system_r
    Type:                                       spc_t
    Level:                                      s0

      Steps to Reproduce:

          1. Delete community-operator pod with Datadog installed, or an SCC with above `seLinuxOptions`

      Actual results:

          pod cannot recreated

      Expected results:

          pod should be recreated.
    The Datadog SCC (or customer's custom SCCs) should not affect cluster life.

      Additional info:

      OCPBUGS-20347 was mentioning the upgrade stuck, but even out of the upgrade, we should support pod deletion without having to temporarily delete the SCC which is not an acceptable solution in that case (https://access.redhat.com/solutions/7027371)

              rh-ee-jkeister Jordan Keister
              clacombe.openshift Christophe LACOMBE
              Jian Zhang Jian Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: