Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: 4.18
Component/s: Documentation / OLM + Marketplace
Labels:
- olmv1
- triaged

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
None
Regression:
None

Target Backport Versions:
None
Target Version:
None
Release Blocker:
Rejected
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:

Unable to create a custom clusterrole to install pipeline clusterextension by following the official red hat doc

Version-Release number of selected component (if applicable):

olm v1

How reproducible:

100%

Steps to Reproduce:

1- Follow the Red Hat documentation https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/extensions/cluster-extensions#managing-ce to install a pipeline clusterextension

2- While clusterextension installation, it will fail due to many missing rbac for the service account. if we directly assign a cluster admin role to the service account the installation will get succeeded.

3- The issue is that, its not possible to create a clusterrole by following the instruction in the doc.

Actual results:

unable to create a clusterrole with respect to clusterextension

Expected results:

 Should be able to create a clusterrole with respect to clusterextension

Additional info:

The installation is failing with below error:

- lastTransitionTime: "2025-04-08T05:33:49Z"
    message: "32 errors occurred:\n\t* serviceaccounts \"openshift-pipelines-operator\"
      is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a
      resource you can't set finalizers on: , <nil>\n\t* secrets \"tekton-operator-webhook-certs\"
      is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a
      resource you can't set finalizers on: , <nil>\n\t* configmaps \"tekton-operator-info\"
      is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a
      resource you can't set finalizers on: , <nil>\n\t* configmaps \"tekton-config-defaults\"
      is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a
      resource you can't set finalizers on: , <nil>\n\t* configmaps \"tekton-config-observability\"
      is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a
      resource you can't set finalizers on: , <nil>\n\t* configmaps \"tekton-operator-controller-config-leader-election\"
      is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a

Assignee:: Michael Peter

Reporter:: MUHAMMED ASLAM V K

Need Info From:: None

Contributors:: None

QA Contact:: bruno andrade

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2025/04/09 5:43 AM

Updated:: 2025/12/18 2:57 PM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates