-
Bug
-
Resolution: Done
-
Undefined
-
None
-
4.17.z, 4.16.z, 4.18.z, 4.19.0
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
When Image Registry management state is set to Removed the IR gets removed, however the SAs created persist and contain a finalizer which prohibits their removal. As a result namespaces cannot be cleaned up when the namespace was created before the IR was removed.
Version-Release number of selected component (if applicable):
All current releases, requesting fix in 4.16.z and newer
How reproducible:
100%
Steps to Reproduce:
1. Install a cluster w/ ImageRegistry on Azure
2. Create some workload namespaces, ensure that IR pull secrets are created
3. Set Image Registry ManagementState to Removed
Actual results:
Pull secrets persist and have a finalizer inhibiting their removal
Expected results:
Pull secrets at least have their finalizer from IR removed allowing them to be deleted, if it makes sense to remove them on IR transitioning to removed state that may make sense too but need to make sure that there's no risk of the pull secrets being used for other purposes. If that's a risk then it seems like we could leave them in place but ensure the finalizer is removed.
Additional info:
- duplicates
-
-
- Verified
-
