Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-78

Uninstalled operator can't be reinstalled if it included a conversion webhook



    • Bug
    • Resolution: Done
    • Undefined
    • 4.12.0
    • 4.9.z
    • OLM
    • None
    • Moderate
    • [OLM-223] Platform Operators
    • Hide




      Copied from an upstream issue: https://github.com/operator-framework/operator-lifecycle-manager/issues/2830

      What did you do?

      When attempting to reinstall an operator that uses conversion webhooks by

      • Deleting the operator subscription and any CSVs associated with it
      • Recreating the operator subscription

      The resulting InstallPlan enters a failed state with message similar to

      error validating existing CRs against new CRD's schema for "devworkspaces.workspace.devfile.io": error listing resources in GroupVersionResource schema.GroupVersionResource{Group:"workspace.devfile.io", Version:"v1alpha1", Resource:"devworkspaces"}: conversion webhook for workspace.devfile.io/v1alpha2, Kind=DevWorkspace failed: Post "https://devworkspace-controller-manager-service.test-namespace.svc:443/convert?timeout=30s": service "devworkspace-controller-manager-service" not found

      When the original CSVs are deleted, the operator's main deployment and service are removed, but CRDs are left in-cluster. However, since the service/CA bundle/deployment that serve the conversion webhook are removed, conversion webhooks are broken at that point. Eventually this impacts garbage collection on the cluster as well.

      This can be reproduced by installing the DevWorkspace Operator from the Red Hat catalog. (I can provide yamls/upstream images that reproduce as well, if that's helpful). It may be necessary to create a DevWorkspace in the cluster before deletion, e.g. by oc apply -f https://raw.githubusercontent.com/devfile/devworkspace-operator/main/samples/plain.yaml

      What did you expect to see?
      Operator is able to be reinstalled without removing CRDs and all instances.

      What did you see instead? Under which circumstances?
      It's necessary to completely remove the operator including CRDs. For our operator (DevWorkspace), this also makes uninstall especially complicated as finalizers are used (so CRDs cannot be deleted if the controller is removed, and the controller cannot be restored by reinstalling)


      operator-lifecycle-manager version: 4.10.24

      Kubernetes version information: Kubernetes Version: v1.23.5+012e945 (OpenShift 4.10.24)

      Kubernetes cluster kind: OpenShift


        Issue Links


            Public project attachment banner

              context keys: [headless, issue, helper, isAsynchronousRequest, project, action, user]
              current Project key: OCPBUGS


                agreene1991 Alexander Greene
                agreene1991 Alexander Greene
                Kui Wang Kui Wang
                0 Vote for this issue
                7 Start watching this issue