Uploaded image for project: 'OpenShift Cloud'
  1. OpenShift Cloud
  2. OCPCLOUD-2511

Should not be able to remove Infrastructure Cluster resources

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • CLOUD Sprint 258, CLOUD Sprint 259

      Background

      We expect every openshift cluster that relies on Cluster API to have an infrastructure cluster and a cluster object.

      These resources should exist for the lifetime of the cluster and should not be able to be removed.

      We must ensure that infracluster objects from supported platforms cannot be deleted once created.

      Changes to go into the cluster-capi-operator.

      Steps

      • Build validating admission that prevents InfraCluster objects from being deleted
      • Either use a webhook, or ValidatingAdmissionPolicy to achieve this
      • Apply only to the infracluster object in the openshift-cluster-api namespace

      Stakeholders

      • Cluster infra

      Definition of Done

      • When installed into a cluster, the cluster's infracluster object cannot be removed using `oc delete`
      • Docs
      • <Add docs requirements for this card>
      • Testing
      • <Explain testing that will be added>

              ddonati@redhat.com Damiano Donati
              joelspeed Joel Speed
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: