Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-62818

Documentation for SCC Disabled Namespaces Inaccurate

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • 4.19.z
    • Documentation / Authentication
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      
List of namespaces that have Security Context Constraints disabled is not accurate. It specifies that namespaces with the `openshift.io/run-level` label are not subject to the SCC admissoin plugin. However, the "default" namespace (and several others listed there) no longer have this label.

      Version-Release number of selected component (if applicable):

      4.19.8

      How reproducible:

      Always

      Steps to Reproduce:

          oc get ns default -o yaml

      Actual results:

      Namespace does not have the openshift.io/run-level label, as suggested by the doc.

      Expected results:

      Namespace has the openshift.io/run-level label, OR documentation provides other means of identifying namespaces where the SCC admission plugin is disabled.

      Additional info:

      Affected documentation: https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/authentication_and_authorization/index#role-based-access-to-ssc_configuring-internal-oauth

              ocp-docs-bot OCP DocsBot
              adkaplan@redhat.com Adam Kaplan
              None
              None
              XiuJuan Wang XiuJuan Wang
              None
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: