-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
4.15
-
None
-
None
-
False
-
Description of problem:
If the ImageRegistry Capability is not enabled on clusters upgraded from versions which did not have ImageRegistry added to default capabilities list and somehow it was missed to be enabled,but was configured as `Managed`; after upgrading to `4.15` the serviceaccount secrets are deleted.
Since capabilities are becoming optional at some point in time, the operator MUST check for any configuration present on the cluster BEFORE taking any action to remove the capabilities.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1. The OCP cluster running on 4.14 without the ImageRegistry capability enabled (by accident).
2. The cluster was born with 4.12 and thus the ImageRegistry was present and not removed.
3. The controller-manager-operator was not doing anything, since the removal of secrets is only implemented in 4.15
4. After moving to OCP 4.15 , since ImageRegistry Capability was not enabled, but had `Managed` state, the serviceaccount secrets were deleted.
Actual results:
The ServiceAccount secrets used to authenticate to internal image registry were deleted.
Expected results:
The secrets should not be deleted when the imageregistry is set as `Managed`
Additional info:
- relates to
-
-
- Verified
-
