Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-7904

Uninstalled operator can't be reinstalled if it included a conversion webhook


    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Normal Normal
    • None
    • 4.9.z
    • OLM
    • Moderate
    • No
    • Yamask 233, Zuko 234, Anarchy 235, Bulbasaur, Chaos, Doomsday, Err
    • 7
    • Rejected
    • False
    • Hide



      This is a clone of issue OCPBUGS-1556. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-78. The following is the description of the original issue:

      Copied from an upstream issue: https://github.com/operator-framework/operator-lifecycle-manager/issues/2830

      What did you do?

      When attempting to reinstall an operator that uses conversion webhooks by

      • Deleting the operator subscription and any CSVs associated with it
      • Recreating the operator subscription

      The resulting InstallPlan enters a failed state with message similar to

      error validating existing CRs against new CRD's schema for "devworkspaces.workspace.devfile.io": error listing resources in GroupVersionResource schema.GroupVersionResource{Group:"workspace.devfile.io", Version:"v1alpha1", Resource:"devworkspaces"}: conversion webhook for workspace.devfile.io/v1alpha2, Kind=DevWorkspace failed: Post "https://devworkspace-controller-manager-service.test-namespace.svc:443/convert?timeout=30s": service "devworkspace-controller-manager-service" not found

      When the original CSVs are deleted, the operator's main deployment and service are removed, but CRDs are left in-cluster. However, since the service/CA bundle/deployment that serve the conversion webhook are removed, conversion webhooks are broken at that point. Eventually this impacts garbage collection on the cluster as well.

      This can be reproduced by installing the DevWorkspace Operator from the Red Hat catalog. (I can provide yamls/upstream images that reproduce as well, if that's helpful). It may be necessary to create a DevWorkspace in the cluster before deletion, e.g. by oc apply -f https://raw.githubusercontent.com/devfile/devworkspace-operator/main/samples/plain.yaml

      What did you expect to see?
      Operator is able to be reinstalled without removing CRDs and all instances.

      What did you see instead? Under which circumstances?
      It's necessary to completely remove the operator including CRDs. For our operator (DevWorkspace), this also makes uninstall especially complicated as finalizers are used (so CRDs cannot be deleted if the controller is removed, and the controller cannot be restored by reinstalling)


      operator-lifecycle-manager version: 4.10.24

      Kubernetes version information: Kubernetes Version: v1.23.5+012e945 (OpenShift 4.10.24)

      Kubernetes cluster kind: OpenShift

            agreene1991 Alexander Greene
            openshift-crt-jira-prow OpenShift Prow Bot
            Kui Wang Kui Wang
            0 Vote for this issue
            6 Start watching this issue