Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-6990

TALM does not enforce subscriptions when catalogsource is updated and both policies are in the same CGU

XMLWordPrintable

    • None
    • False
    • Hide

      None

      Show
      None
    • Rel Note for Telco: Yes

      This is a clone of issue OCPBUGS-2812. The following is the description of the original issue:

      In the reference configuration the CatalogSource is in the common-config policy and subscriptions are in common-subscriptions. If the user updates the catalogsource to point to a new index (as recommended) and places both common-config and common-subscriptions into the CGU for enforcement, only the common-config policy is enforced.

      TALM sees that the common-subscription Policy starts off as Compliant (it won't go non-compliant until the index is changed) and skips enforcement of the Policy.

      The workaround is to add a trivial change to one CR in the common-subscription policy. This will set the policy to non-compliant prior to the CGU being enabled and keep TALM from skipping it. For example (the value can be changed on each upgrade as needed):

          - fileName: SriovSubscription.yaml
      policyName: "subscriptions-policy"
      metadata:
        annotations:
          temp-for-upgrade: "1"

              jche@redhat.com Jun Chen
              openshift-crt-jira-prow OpenShift Prow Bot
              Bonnie Block Bonnie Block
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: