-
Bug
-
Resolution: Done-Errata
-
Normal
-
None
-
4.16, 4.17.0
-
None
-
Moderate
-
Yes
-
False
-
Description of problem:
Rule ocp4-moderate-resource-requests-quota fail if the ResourceQuota exists in all non-control namespaces
Version-Release number of selected component (if applicable):
4.17.0-0.nightly-2024-09-17-194622
How reproducible:
Always
Steps to Reproduce:
1. Install compliance-operator.v1.6.0 2. Create a namespace: $ oc new-project test-no-rate-limit 3. Create a resourcequota in the project: % oc create -f - <<EOF apiVersion: v1 kind: ResourceQuota metadata: name: example-1 namespace: test-no-rate-limit spec: hard: limits.cpu: "2" limits.memory: 2Gi pods: "4" requests.cpu: "1" requests.memory: 1Gi EOF resourcequota/example-1 created 4. Create a ssb: % oc patch ss/default --type='merge' -p '{"debug":true}' scansetting.compliance.openshift.io/default patched $ oc create -f - << EOF apiVersion: compliance.openshift.io/v1alpha1 kind: ScanSettingBinding metadata: name: ocp4-moderate-test profiles: - name: ocp4-moderate kind: Profile apiGroup: compliance.openshift.io/v1alpha1 settingsRef: name: default kind: ScanSetting apiGroup: compliance.openshift.io/v1alpha1 EOF
Actual results:
Rule ocp4-moderate-resource-requests-quota fail if the ResourceQuota exists in all non-control namespaces % oc get ccr| grep quota ocp4-moderate-resource-requests-quota FAIL medium
Expected results:
Rule ocp4-moderate-resource-requests-quota should pass if the ResourceQuota exists in all non-control namespaces
Additional info:
- links to
-
RHBA-2024:6761
OpenShift Compliance Operator 1.6.0
- mentioned on
