Details
-
Bug
-
Resolution: Done
-
Blocker
-
quay-v3.6.1
Description
Upgrades to version 3.6.1 are broken in 4.6 clusters. After upgrading the following is logged by the operator:
spec.template.spec.volumes[1].projected: Forbidden: may not specify m ore than 1 volume type
This problem was introduced by this change. When a Patch operation is executed the actual patch is not executed by the client but it is delegated to the kubernetes API instead.
When adding a "projected" property to a volume that already contains a "secret" entry the latter is not removed, thus generating a volume with both "projected" and "secret" entries (this is invalid, the volume is either a secret/configmap or a projection of multiple secrets/configmaps).
Acceptance criteria
- Upgrades work in 4.6 release
- Upgrades work in 4.7 release
- Test cases exist for upgrades in all supported OpenShift releases (QE Team)
Notes
Working quay instances most likely will continue to work with the old deployment, as a workaround users can patch clair-app deployment and:
- remove the volume "certs"
- remove the volumeMount "certs"
- scale down the operator
- scale up the operator
This will trigger a reconcile and everything should get back to normal.
