-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.10.3 security update Advisory ID: RHSA-2022:0056-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2022:0056 Issue date: 2022-03-10 CVE Names: CVE-2014-3577 CVE-2016-10228 CVE-2017-14502 CVE-2018-20843 CVE-2018-1000858 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9169 CVE-2019-13050 CVE-2019-13627 CVE-2019-14889 CVE-2019-15903 CVE-2019-19906 CVE-2019-20454 CVE-2019-20807 CVE-2019-25013 CVE-2020-1730 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-8927 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-9952 CVE-2020-10018 CVE-2020-11793 CVE-2020-13434 CVE-2020-14391 CVE-2020-15358 CVE-2020-15503 CVE-2020-25660 CVE-2020-25677 CVE-2020-27618 CVE-2020-27781 CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 CVE-2021-3121 CVE-2021-3326 CVE-2021-3449 CVE-2021-3450 CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3520 CVE-2021-3521 CVE-2021-3537 CVE-2021-3541 CVE-2021-3733 CVE-2021-3749 CVE-2021-20305 CVE-2021-21684 CVE-2021-22946 CVE-2021-22947 CVE-2021-25215 CVE-2021-27218 CVE-2021-30666 CVE-2021-30761 CVE-2021-30762 CVE-2021-33928 CVE-2021-33929 CVE-2021-33930 CVE-2021-33938 CVE-2021-36222 CVE-2021-37750 CVE-2021-39226 CVE-2021-41190 CVE-2021-43813 CVE-2021-44716 CVE-2021-44717 CVE-2022-0532 CVE-2022-21673 CVE-2022-24407 ==================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.10.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.3. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2022:0055 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * grafana: Snapshot authentication bypass (CVE-2021-39226) * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) * grafana: Forward OAuth Identity Token can allow users to access some data sources (CVE-2022-21673) * grafana: directory traversal vulnerability (CVE-2021-43813) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-x86_64 The image digest is sha256:7ffe4cd612be27e355a640e5eec5cd8f923c1400d969fd590f806cffdaabcc56 (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-s390x The image digest is sha256:4cf21a9399da1ce8427246f251ae5dedacfc8c746d2345f9cfe039ed9eda3e69 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-ppc64le The image digest is sha256:4ee571da1edf59dfee4473aa4604aba63c224bf8e6bcf57d048305babbbde93c All OpenShift Container Platform 4.10 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html 3. Solution: For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for moderate instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1808240 - Always return metrics value for pods under the user's namespace 1815189 - feature flagged UI does not always become available after operator installation 1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly 1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal 1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered 1878925 - 'oc adm upgrade --to ...' rejects versions which occur only in history, while the cluster-version operator supports history fallback 1880738 - origin e2e test deletes original worker 1882983 - oVirt csi driver should refuse to provision RWX and ROX PV 1886450 - Keepalived router id check not documented for RHV/VMware IPI 1889488 - The metrics endpoint for the Scheduler is not protected by RBAC 1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom 1896474 - Path based routing is broken for some combinations 1897431 - CIDR support for additional network attachment with the bridge CNI plug-in 1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes 1907433 - Excessive logging in image operator 1909906 - The router fails with PANIC error when stats port already in use 1911173 - [MSTR-998] Many charts' legend names show {{}} instead of words 1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting. 1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true) 1917893 - [ovirt] install fails: due to terraform error "Cannot attach Virtual Disk: Disk is locked" on vm resource 1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1926522 - oc adm catalog does not clean temporary files 1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes. 1928141 - kube-storage-version-migrator constantly reporting type "Upgradeable" status Unknown 1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it's storageclass is not yet finished, confusing users1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x 1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade 1937085 - RHV UPI inventory playbook missing guarantee_memory 1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion 1938236 - vsphere-problem-detector does not support overriding log levels via storage CR 1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods 1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer 1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s] 1942913 - ThanosSidecarUnhealthy isn't resilient to WAL replays. 1943363 - [ovn] CNO should gracefully terminate ovn-northd 1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17 1948080 - authentication should not set Available=False APIServices_Error with 503s 1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set 1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0 1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer 1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs 1953264 - "remote error: tls: bad certificate" logs in prometheus-operator container 1955300 - Machine config operator reports unavailable for 23m during upgrade 1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set 1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set 1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters1956496 - Needs SR-IOV Docs Upstream 1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret 1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid 1956964 - upload a boot-source to OpenShift virtualization using the console 1957547 - [RFE]VM name is not auto filled in dev console 1958349 - ovn-controller doesn't release the memory after cluster-density run 1959352 - [scale] failed to get pod annotation: timed out waiting for annotations 1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not 1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial] 1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects 1961391 - String updates 1961509 - DHCP daemon pod should have CPU and memory requests set but not limits 1962066 - Edit machine/machineset specs not working 1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent 1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL 1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters1964327 - Support containers with name:tag@digest 1964789 - Send keys and disconnect does not work for VNC console 1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7 1966445 - Unmasking a service doesn't work if it masked using MCO 1966477 - Use GA version in KAS/OAS/OauthAS to avoid: "audit.k8s.io/v1beta1" is deprecated and will be removed in a future release, use "audit.k8s.io/v1" instead 1966521 - kube-proxy's userspace implementation consumes excessive CPU 1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up 1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount 1970218 - MCO writes incorrect file contents if compression field is specified 1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel] 1970805 - Cannot create build when docker image url contains dir structure 1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io 1972827 - image registry does not remain available during upgrade 1972962 - Should set the minimum value for the `--max-icsp-size` flag of `oc adm catalog mirror` 1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run 1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established 1976301 - [ci] e2e-azure-upi is permafailing 1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change. 1976674 - CCO didn't set Upgradeable to False when cco mode is configured to Manual on azure platform 1976894 - Unidling a StatefulSet does not work as expected 1977319 - [Hive] Remove stale cruft installed by CVO in earlier releases 1977414 - Build Config timed out waiting for condition 400: Bad Request 1977929 - [RFE] Display Network Attachment Definitions from openshift-multus namespace during OCS deployment via UI using Multus 1978528 - systemd-coredump started and failed intermittently for unknown reasons 1978581 - machine-config-operator: remove runlevel from mco namespace 1979562 - Cluster operators: don't show messages when neither progressing, degraded or unavailable 1979962 - AWS SDN Network Stress tests have not passed in 4.9 release-openshift-origin-installer-e2e-aws-sdn-network-stress-4.9 1979966 - OCP builds always fail when run on RHEL7 nodes 1981396 - Deleting pool inside pool page the pool stays in Ready phase in the heading 1981549 - Machine-config daemon does not recover from broken Proxy configuration 1981867 - [sig-cli] oc explain should contain proper fields description for special types [Suite:openshift/conformance/parallel] 1981941 - Terraform upgrade required in openshift-installer to resolve multiple issues 1982063 - 'Control Plane' is not translated in Simplified Chinese language in Home->Overview page 1982498 - Default registry credential path should be adjusted to use containers/auth.json for oc commands 1982662 - Workloads - DaemonSets - Add storage: i18n misses 1982726 - kube-apiserver audit logs show a lot of 404 errors for DELETE "*/secrets/encryption-config" on single node clusters1983758 - upgrades are failing on disruptive tests 1983964 - Need Device plugin configuration for the NIC "needVhostNet" & "isRdma" 1984592 - global pull secret not working in OCP4.7.4+ for additional private registries 1985073 - new-in-4.8 ExtremelyHighIndividualControlPlaneCPU fires on some GCP update jobs 1985486 - Cluster Proxy not used during installation on OSP with Kuryr 1985724 - VM Details Page missing translations 1985838 - [OVN] CNO exportNetworkFlows does not clear collectors when deleted 1985933 - Downstream image registry recommendation 1985965 - oVirt CSI driver does not report volume stats 1986216 - [scale] SNO: Slow Pod recovery due to "timed out waiting for OVS port binding" 1986237 - "MachineNotYetDeleted" in Pending state , alert not fired 1986239 - crictl create fails with "PID namespace requested, but sandbox infra container invalid" 1986302 - console continues to fetch prometheus alert and silences for normal user 1986314 - Current MTV installation for KubeVirt import flow creates unusable Forklift UI 1986338 - error creating list of resources in Import YAML 1986502 - yaml multi file dnd duplicates previous dragged files 1986819 - fix string typos for hot-plug disks 1987044 - [OCPV48] Shutoff VM is being shown as "Starting" in WebUI when using spec.runStrategy Manual/RerunOnFailure 1987136 - Declare operatorframework.io/arch.* labels for all operators1987257 - Go-http-client user-agent being used for oc adm mirror requests 1987263 - fsSpaceFillingUpWarningThreshold not aligned to Kubernetes Garbage Collection Threshold 1987445 - MetalLB integration: All gateway routers in the cluster answer ARP requests for LoadBalancer services IP 1988406 - SSH key dropped when selecting "Customize virtual machine" in UI 1988440 - Network operator changes ovnkube-config too early causing ovnkube-master pods to crashloop during cluster upgrade 1988483 - Azure drop ICMP need to frag FRAG when using OVN: openshift-apiserver becomes False after env runs some time due to communication between one master to pods on another master fails with "Unable to connect to the server" 1988879 - Virtual media based deployment fails on Dell servers due to pending Lifecycle Controller jobs 1989438 - expected replicas is wrong 1989502 - Developer Catalog is disappearing after short time 1989843 - 'More' and 'Show Less' functions are not translated on several page 1990014 - oc debug does not work for Windows pods 1990190 - e2e testing failed with basic manifest: reason/ExternalProvisioning waiting for a volume to be created 1990193 - 'more' and 'Show Less' is not being translated on Home -> Search page 1990255 - Partial or all of the Nodes/StorageClasses don't appear back on UI after text is removed from search bar 1990489 - etcdHighNumberOfFailedGRPCRequests fires only on metal env in CI 1990506 - Missing udev rules in initramfs for /dev/disk/by-id/scsi-* symlinks 1990556 - get-resources.sh doesn't honor the no_proxy settings even with no_proxy var 1990625 - Ironic agent registers with SLAAC address with privacy-stable 1990635 - CVO does not recognize the channel change if desired version and channel changed at the same time 1991067 - github.com can not be resolved inside pods where cluster is running on openstack. 1991573 - Enable typescript strictNullCheck on network-policies files 1991641 - Baremetal Cluster Operator still Available After Delete Provisioning 1991770 - The logLevel and operatorLogLevel values do not work with Cloud Credential Operator 1991819 - Misspelled word "ocurred" in oc inspect cmd 1991942 - Alignment and spacing fixes 1992414 - Two rootdisks show on storage step if 'This is a CD-ROM boot source' is checked 1992453 - The configMap failed to save on VM environment tab 1992466 - The button 'Save' and 'Reload' are not translated on vm environment tab 1992475 - The button 'Open console in New Window' and 'Disconnect' are not translated on vm console tab 1992509 - Could not customize boot source due to source PVC not found 1992541 - all the alert rules' annotations "summary" and "description" should comply with the OpenShift alerting guidelines 1992580 - storageProfile should stay with the same value by check/uncheck the apply button 1992592 - list-type missing in oauth.config.openshift.io for identityProviders breaking Server Side Apply 1992777 - [IBMCLOUD] Default "ibm_iam_authorization_policy" is not working as expected in all scenarios 1993364 - cluster destruction fails to remove router in BYON with Kuryr as primary network (even after BZ 1940159 got fixed) 1993376 - periodic-ci-openshift-release-master-ci-4.6-upgrade-from-stable-4.5-e2e-azure-upgrade is permfailing 1994094 - Some hardcodes are detected at the code level in OpenShift console components 1994142 - Missing required cloud config fields for IBM Cloud 1994733 - MetalLB: IP address is not assigned to service if there is duplicate IP address in two address pools 1995021 - resolv.conf and corefile sync slows down/stops after keepalived container restart 1995335 - [SCALE] ovnkube CNI: remove ovs flows check 1995493 - Add Secret to workload button and Actions button are not aligned on secret details page 1995531 - Create RDO-based Ironic image to be promoted to OKD 1995545 - Project drop-down amalgamates inside main screen while creating storage system for odf-operator 1995887 - [OVN]After reboot egress node, lr-policy-list was not correct, some duplicate records or missed internal IPs 1995924 - CMO should report `Upgradeable: false` when HA workload is incorrectly spread 1996023 - kubernetes.io/hostname values are larger than filter when create localvolumeset from webconsole 1996108 - Allow backwards compatibility of shared gateway mode to inject host-based routes into OVN 1996624 - 100% of the cco-metrics/cco-metrics targets in openshift-cloud-credential-operator namespace are down 1996630 - Fail to delete the first Authorized SSH Key input box on Advanced page 1996647 - Provide more useful degraded message in auth operator on DNS errors1996736 - Large number of 501 lr-policies in INCI2 env 1996886 - timedout waiting for flows during pod creation and ovn-controller pegged on worker nodes 1996916 - Special Resource Operator(SRO) - Fail to deploy simple-kmod on GCP 1996928 - Enable default operator indexes on ARM 1997028 - prometheus-operator update removes env var support for thanos-sidecar 1997059 - Failed to create cluster in AWS us-east-1 region due to a local zone is used 1997226 - Ingresscontroller reconcilations failing but not shown in operator logs or status of ingresscontroller. 1997245 - "Subscription already exists in openshift-storage namespace" error message is seen while installing odf-operator via UI 1997269 - Have to refresh console to install kube-descheduler 1997478 - Storage operator is not available after reboot cluster instances 1997509 - flake: [sig-cli] oc builds new-build [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 1997967 - storageClass is not reserved from default wizard to customize wizard 1998035 - openstack IPI CI: custom var-lib-etcd.mount (ramdisk) unit is racing due to incomplete After/Before order 1998038 - [e2e][automation] add tests for UI for VM disk hot-plug 1998087 - Fix CephHealthCheck wrapping contents and add data-tests for HealthItem and SecondaryStatus 1998174 - Create storageclass gp3-csi after install ocp cluster on aws 1998183 - "r: Bad Gateway" info is improper 1998235 - Firefox warning: Cookie “csrf-token” will be soon rejected 1998377 - Filesystem table head is not full displayed in disk tab 1998378 - Virtual Machine is 'Not available' in Home -> Overview -> Cluster inventory 1998519 - Add fstype when create localvolumeset instance on web console 1998951 - Keepalived conf ingress peer on in Dual stack cluster contains both IPv6 and IPv4 addresses 1999076 - [UI] Page Not Found error when clicking on Storage link provided in Overview page 1999079 - creating pods before sriovnetworknodepolicy sync up succeed will cause node unschedulable 1999091 - Console update toast notification can appear multiple times 1999133 - removing and recreating static pod manifest leaves pod in error state 1999246 - .indexignore is not ingore when oc command load dc configuration 1999250 - ArgoCD in GitOps operator can't manage namespaces 1999255 - ovnkube-node always crashes out the first time it starts 1999261 - ovnkube-node log spam (and security token leak?) 1999309 - While installing odf-operator via UI, web console update pop-up navigates to OperatorHub -> Operator Installation page 1999314 - console-operator is slow to mark Degraded as False once console starts working 1999425 - kube-apiserver with "[SHOULD NOT HAPPEN] failed to update managedFields" err="failed to convert new object (machine.openshift.io/v1beta1, Kind=MachineHealthCheck) 1999556 - "master" pool should be updated before the CVO reports available at the new version occurred 1999578 - AWS EFS CSI tests are constantly failing 1999603 - Memory Manager allows Guaranteed QoS Pod with hugepages requested is exactly equal to the left over Hugepages 1999619 - cloudinit is malformatted if a user sets a password during VM creation flow 1999621 - Empty ssh_authorized_keys entry is added to VM's cloudinit if created from a customize flow 1999649 - MetalLB: Only one type of IP address can be assigned to service on dual stack cluster from a address pool that have both IPv4 and IPv6 addresses defined 1999668 - openshift-install destroy cluster panic's when given invalid credentials to cloud provider (Azure Stack Hub) 1999734 - IBM Cloud CIS Instance CRN missing in infrastructure manifest/resource 1999771 - revert "force cert rotation every couple days for development" in 4.10 1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function 1999796 - Openshift Console `Helm` tab is not showing helm releases in a namespace when there is high number of deployments in the same namespace. 1999836 - Admin web-console inconsistent status summary of sparse ClusterOperator conditions 1999903 - Click "This is a CD-ROM boot source" ticking "Use template size PVC" on pvc upload form 1999983 - No way to clear upload error from template boot source 2000081 - [IPI baremetal] The metal3 pod failed to restart when switching from Disabled to Managed provisioning without specifying provisioningInterface parameter 2000096 - Git URL is not re-validated on edit build-config form reload 2000216 - Successfully imported ImageStreams are not resolved in DeploymentConfig 2000236 - Confusing usage message from dynkeepalived CLI 2000268 - Mark cluster unupgradable if vcenter, esxi versions or HW versions are unsupported 2000430 - bump cluster-api-provider-ovirt version in installer 2000450 - 4.10: Enable static PV multi-az test 2000490 - All critical alerts shipped by CMO should have links to a runbook 2000521 - Kube-apiserver CO degraded due to failed conditional check (ConfigObservationDegraded) 2000573 - Incorrect StorageCluster CR created and ODF cluster getting installed with 2 Zone OCP cluster 2000628 - ibm-flashsystem-storage-storagesystem got created without any warning even when the attempt was cancelled 2000651 - ImageStreamTag alias results in wrong tag and invalid link in Web Console 2000754 - IPerf2 tests should be lower 2000846 - Structure logs in the entire codebase of Local Storage Operator 2000872 - [tracker] container is not able to list on some directories within the nfs after upgrade to 4.7.24 2000877 - OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM 2000938 - CVO does not respect changes to a Deployment strategy 2000963 - 'Inline-volume (default fs)] volumes should store data' tests are failing on OKD with updated selinux-policy 2001008 - [MachineSets] CloneMode defaults to linkedClone, but I don't have snapshot and should be fullClone 2001240 - Remove response headers for downloads of binaries from OpenShift WebConsole 2001295 - Remove openshift:kubevirt-machine-controllers decleration from machine-api 2001317 - OCP Platform Quota Check - Inaccurate MissingQuota error 2001337 - Details Card in ODF Dashboard mentions OCS 2001339 - fix text content hotplug 2001413 - [e2e][automation] add/delete nic and disk to template 2001441 - Test: oc adm must-gather runs successfully for audit logs - fail due to startup log 2001442 - Empty termination.log file for the kube-apiserver has too permissive mode 2001479 - IBM Cloud DNS unable to create/update records 2001566 - Enable alerts for prometheus operator in UWM 2001575 - Clicking on the perspective switcher shows a white page with loader 2001577 - Quick search placeholder is not displayed properly when the search string is removed 2001578 - [e2e][automation] add tests for vm dashboard tab 2001605 - PVs remain in Released state for a long time after the claim is deleted 2001617 - BucketClass Creation is restricted on 1st page but enabled using side navigation options 2001620 - Cluster becomes degraded if it can't talk to Manila 2001760 - While creating 'Backing Store', 'Bucket Class', 'Namespace Store' user is navigated to 'Installed Operators' page after clicking on ODF 2001761 - Unable to apply cluster operator storage for SNO on GCP platform. 2001765 - Some error message in the log of diskmaker-manager caused confusion 2001784 - show loading page before final results instead of showing a transient message No log files exist 2001804 - Reload feature on Environment section in Build Config form does not work properly 2001810 - cluster admin unable to view BuildConfigs in all namespaces 2001817 - Failed to load RoleBindings list that will lead to ‘Role name’ is not able to be selected on Create RoleBinding page as well 2001823 - OCM controller must update operator status 2001825 - [SNO]ingress/authentication clusteroperator degraded when enable ccm from start 2001835 - Could not select image tag version when create app from dev console 2001855 - Add capacity is disabled for ocs-storagecluster 2001856 - Repeating event: MissingVersion no image found for operand pod 2001959 - Side nav list borders don't extend to edges of container 2002007 - Layout issue on "Something went wrong" page 2002010 - ovn-kube may never attempt to retry a pod creation 2002012 - Cannot change volume mode when cloning a VM from a template 2002027 - Two instances of Dotnet helm chart show as one in topology 2002075 - opm render does not automatically pulling in the image(s) used in the deployments 2002121 - [OVN] upgrades failed for IPI OSP16 OVN IPSec cluster 2002125 - Network policy details page heading should be updated to Network Policy details 2002133 - [e2e][automation] add support/virtualization and improve deleteResource 2002134 - [e2e][automation] add test to verify vm details tab 2002215 - Multipath day1 not working on s390x 2002238 - Image stream tag is not persisted when switching from yaml to form editor 2002262 - [vSphere] Incorrect user agent in vCenter sessions list 2002266 - SinkBinding create form doesn't allow to use subject name, instead of label selector 2002276 - OLM fails to upgrade operators immediately 2002300 - Altering the Schedule Profile configurations doesn't affect the placement of the pods 2002354 - Missing DU configuration "Done" status reporting during ZTP flow 2002362 - Dynamic Plugin - ConsoleRemotePlugin for webpack doesn't use commonjs 2002368 - samples should not go degraded when image allowedRegistries blocks imagestream creation 2002372 - Pod creation failed due to mismatched pod IP address in CNI and OVN 2002397 - Resources search is inconsistent 2002434 - CRI-O leaks some children PIDs 2002443 - Getting undefined error on create local volume set page 2002461 - DNS operator performs spurious updates in response to API's defaulting of service's internalTrafficPolicy 2002504 - When the openshift-cluster-storage-operator is degraded because of "VSphereProblemDetectorController_SyncError", the insights operator is not sending the logs from all pods. 2002559 - User preference for topology list view does not follow when a new namespace is created 2002567 - Upstream SR-IOV worker doc has broken links 2002588 - Change text to be sentence case to align with PF 2002657 - ovn-kube egress IP monitoring is using a random port over the node network 2002713 - CNO: OVN logs should have millisecond resolution 2002748 - [ICNI2] 'ErrorAddingLogicalPort' failed to handle external GW check: timeout waiting for namespace event 2002759 - Custom profile should not allow not including at least one required HTTP2 ciphersuite 2002763 - Two storage systems getting created with external mode RHCS 2002808 - KCM does not use web identity credentials 2002834 - Cluster-version operator does not remove unrecognized volume mounts 2002896 - Incorrect result return when user filter data by name on search page 2002950 - Why spec.containers.command is not created with "oc create deploymentconfig --image= -- " 2003096 - [e2e][automation] check bootsource URL is displaying on review step 2003113 - OpenShift Baremetal IPI installer uses first three defined nodes under hosts in install-config for master nodes instead of filtering the hosts with the master role 2003120 - CI: Uncaught error with ResizeObserver on operand details page 2003145 - Duplicate operand tab titles causes "two children with the same key" warning 2003164 - OLM, fatal error: concurrent map writes 2003178 - [FLAKE][knative] The UI doesn't show updated traffic distribution after accepting the form 2003193 - Kubelet/crio leaks netns and veth ports in the host 2003195 - OVN CNI should ensure host veths are removed 2003204 - Jenkins all new container images (openshift4/ose-jenkins) not supporting '-e JENKINS_PASSWORD=password' ENV which was working for old container images 2003206 - Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace 2003239 - "[sig-builds][Feature:Builds][Slow] can use private repositories as build input" tests fail outside of CI 2003244 - Revert libovsdb client code 2003251 - Patternfly components with list element has list item bullet when they should not. 2003252 - "[sig-builds][Feature:Builds][Slow] starting a build using CLI start-build test context override environment BUILD_LOGLEVEL in buildconfig" tests do not work as expected outside of CI 2003269 - Rejected pods should be filtered from admission regression 2003357 - QE- Removing the epic tags for gherkin tags related to 4.9 Release 2003426 - [e2e][automation] add test for vm details bootorder 2003496 - [e2e][automation] add test for vm resources requirment settings 2003641 - All metal ipi jobs are failing in 4.10 2003651 - ODF4.9+LSO4.8 installation via UI, StorageCluster move to error state 2003655 - [IPI ON-PREM] Keepalived chk_default_ingress track script failed even though default router pod runs on node 2003683 - Samples operator is panicking in CI 2003711 - [UI] Empty file ceph-external-cluster-details-exporter.py downloaded from external cluster "Connection Details" page 2003715 - Error on creating local volume set after selection of the volume mode 2003743 - Remove workaround keeping /boot RW for kdump support 2003775 - etcd pod on CrashLoopBackOff after master replacement procedure 2003788 - CSR reconciler report error constantly when BYOH CSR approved by other Approver 2003792 - Monitoring metrics query graph flyover panel is useless 2003808 - Add Sprint 207 translations 2003845 - Project admin cannot access image vulnerabilities view 2003859 - sdn emits events with garbage messages 2003896 - (release-4.10) ApiRequestCounts conditional gatherer 2004009 - 4.10: Fix multi-az zone scheduling e2e for 5 control plane replicas 2004051 - CMO can report as being Degraded while node-exporter is deployed on all nodes 2004059 - [e2e][automation] fix current tests for downstream 2004060 - Trying to use basic spring boot sample causes crash on Firefox 2004101 - [UI] When creating storageSystem deployment type dropdown under advanced setting doesn't close after selection 2004127 - [flake] openshift-controller-manager event reason/SuccessfulDelete occurs too frequently 2004203 - build config's created prior to 4.8 with image change triggers can result in trigger storm in OCM/openshift-apiserver 2004313 - [RHOCP 4.9.0-rc.0] Failing to deploy Azure cluster from the macOS installer - ignition_bootstrap.ign: no such file or directory 2004449 - Boot option recovery menu prevents image boot 2004451 - The backup filename displayed in the RecentBackup message is incorrect 2004459 - QE - Modified the AddFlow gherkin scripts and automation scripts 2004508 - TuneD issues with the recent ConfigParser changes. 2004510 - openshift-gitops operator hooks gets unauthorized (401) errors during jobs executions 2004542 - [osp][octavia lb] cannot create LoadBalancer type svcs 2004578 - Monitoring and node labels missing for an external storage platform 2004585 - prometheus-k8s-0 cpu usage keeps increasing for the first 3 days 2004596 - [4.10] Bootimage bump tracker 2004597 - Duplicate ramdisk log containers running 2004600 - Duplicate ramdisk log containers running 2004609 - output of "crictl inspectp" is not complete 2004625 - BMC credentials could be logged if they change 2004632 - When LE takes a large amount of time, multiple whereabouts are seen 2004721 - ptp/worker custom threshold doesn't change ptp events threshold 2004736 - [knative] Create button on new Broker form is inactive despite form being filled 2004796 - [e2e][automation] add test for vm scheduling policy 2004814 - (release-4.10) OCM controller - change type of the etc-pki-entitlement secret to opaque 2004870 - [External Mode] Insufficient spacing along y-axis in RGW Latency Performance Card 2004901 - [e2e][automation] improve kubevirt devconsole tests 2004962 - Console frontend job consuming too much CPU in CI 2005014 - state of ODF StorageSystem is misreported during installation or uninstallation 2005052 - Adding a MachineSet selector matchLabel causes orphaned Machines 2005179 - pods status filter is not taking effect 2005182 - sync list of deprecated apis about to be removed 2005282 - Storage cluster name is given as title in StorageSystem details page 2005355 - setuptools 58 makes Kuryr CI fail 2005407 - ClusterNotUpgradeable Alert should be set to Severity Info 2005415 - PTP operator with sidecar api configured throws bind: address already in use 2005507 - SNO spoke cluster failing to reach coreos.live.rootfs_url is missing url in console 2005554 - The switch status of the button "Show default project" is not revealed correctly in code 2005581 - 4.8.12 to 4.9 upgrade hung due to cluster-version-operator pod CrashLoopBackOff: error creating clients: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable 2005761 - QE - Implementing crw-basic feature file 2005783 - Fix accessibility issues in the "Internal" and "Internal - Attached Mode" Installation Flow 2005811 - vSphere Problem Detector operator - ServerFaultCode: InvalidProperty 2005854 - SSH NodePort service is created for each VM 2005901 - KS, KCM and KA going Degraded during master nodes upgrade 2005902 - Current UI flow for MCG only deployment is confusing and doesn't reciprocate any message to the end-user 2005926 - PTP operator NodeOutOfPTPSync rule is using max offset from the master instead of openshift_ptp_clock_state metrics 2005971 - Change telemeter to report the Application Services product usage metrics 2005997 - SELinux domain container_logreader_t does not have a policy to follow sym links for log files 2006025 - Description to use an existing StorageClass while creating StorageSystem needs to be re-phrased 2006060 - ocs-storagecluster-storagesystem details are missing on UI for MCG Only and MCG only in LSO mode deployment types 2006101 - Power off fails for drivers that don't support Soft power off 2006243 - Metal IPI upgrade jobs are running out of disk space 2006291 - bootstrapProvisioningIP set incorrectly when provisioningNetworkCIDR doesn't use the 0th address 2006308 - Backing Store YAML tab on click displays a blank screen on UI 2006325 - Multicast is broken across nodes 2006329 - Console only allows Web Terminal Operator to be installed in OpenShift Operators2006364 - IBM Cloud: Set resourceGroupId for resourceGroups, not simply resource 2006561 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't have failing rules evaluation [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2006690 - OS boot failure "x64 Exception Type 06 - Invalid Opcode Exception" 2006714 - add retry for etcd errors in kube-apiserver 2006767 - KubePodCrashLooping may not fire 2006803 - Set CoreDNS cache entries for forwarded zones 2006861 - Add Sprint 207 part 2 translations 2006945 - race condition can cause crashlooping bootstrap kube-apiserver in cluster-bootstrap 2006947 - e2e-aws-proxy for 4.10 is permafailing with samples operator errors2006975 - clusteroperator/etcd status condition should not change reasons frequently due to EtcdEndpointsDegraded 2007085 - Intermittent failure mounting /run/media/iso when booting live ISO from USB stick 2007136 - Creation of BackingStore, BucketClass, NamespaceStore fails 2007271 - CI Integration for Knative test cases 2007289 - kubevirt tests are failing in CI 2007322 - Devfile/Dockerfile import does not work for unsupported git host 2007328 - Updated patternfly to v4.125.3 and pf.quickstarts to v1.2.3. 2007379 - Events are not generated for master offset for ordinary clock 2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace 2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address 2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error 2007522 - No new local-storage-operator-metadata-container is build for 4.10 2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10 2007580 - Azure cilium installs are failing e2e tests 2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10 2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes 2007692 - 4.9 "old-rhcos" jobs are permafailing with storage test failures 2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow 2007757 - must-gather extracts imagestreams in the "openshift" namespace, but not Templates 2007802 - AWS machine actuator get stuck if machine is completely missing 2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator 2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process 2008151 - Topology breaks on clicking in empty state 2008185 - Console operator go.mod should use go 1.16.version 2008201 - openstack-az job is failing on haproxy idle test 2008207 - vsphere CSI driver doesn't set resource limits 2008223 - gather_audit_logs: fix oc command line to get the current audit profile 2008235 - The Save button in the Edit DC form remains disabled 2008256 - Update Internationalization README with scope info 2008321 - Add correct documentation link for MON_DISK_LOW 2008462 - Disable PodSecurity feature gate for 4.10 2008490 - Backing store details page does not contain all the kebab actions. 2008521 - gcp-hostname service should correct invalid search entries in resolv.conf 2008532 - CreateContainerConfigError:: failed to prepare subPath for volumeMount 2008539 - Registry doesn't fall back to secondary ImageContentSourcePolicy Mirror 2008540 - HighlyAvailableWorkloadIncorrectlySpread always fires on upgrade on cluster with two workers2008599 - Azure Stack UPI does not have Internal Load Balancer 2008612 - Plugin asset proxy does not pass through browser cache headers2008712 - VPA webhook timeout prevents all pods from starting 2008733 - kube-scheduler: exposed /debug/pprof port 2008911 - Prometheus repeatedly scaling prometheus-operator replica set 2008926 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial] 2008987 - OpenShift SDN Hosted Egress IP's are not being scheduled to nodes after upgrade to 4.8.12 2009055 - Instances of OCS to be replaced with ODF on UI 2009078 - NetworkPodsCrashLooping alerts in upgrade CI jobs 2009083 - opm blocks pruning of existing bundles during add 2009111 - [IPI-on-GCP] 'Install a cluster with nested virtualization enabled' failed due to unable to launch compute instances 2009131 - [e2e][automation] add more test about vmi 2009148 - [e2e][automation] test vm nic presets and options 2009233 - ACM policy object generated by PolicyGen conflicting with OLM Operator 2009253 - [BM] [IPI] [DualStack] apiVIP and ingressVIP should be of the same primary IP family 2009298 - Service created for VM SSH access is not owned by the VM and thus is not deleted if the VM is deleted 2009384 - UI changes to support BindableKinds CRD changes 2009404 - ovnkube-node pod enters CrashLoopBackOff after OVN_IMAGE is swapped 2009424 - Deployment upgrade is failing availability check 2009454 - Change web terminal subscription permissions from get to list 2009465 - container-selinux should come from rhel8-appstream 2009514 - Bump OVS to 2.16-15 2009555 - Supermicro X11 system not booting from vMedia with AI 2009623 - Console: Observe > Metrics page: Table pagination menu shows bullet points 2009664 - Git Import: Edit of knative service doesn't work as expected for git import flow 2009699 - Failure to validate flavor RAM 2009754 - Footer is not sticky anymore in import forms 2009785 - CRI-O's version file should be pinned by MCO 2009791 - Installer: ibmcloud ignores install-config values 2009823 - [sig-arch] events should not repeat pathologically - reason/VSphereOlderVersionDetected Marking cluster un-upgradeable because one or more VMs are on hardware version vmx-13 2009840 - cannot build extensions on aarch64 because of unavailability of rhel-8-advanced-virt repo 2009859 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests 2009873 - Stale Logical Router Policies and Annotations for a given node 2009879 - There should be test-suite coverage to ensure admin-acks work as expected 2009888 - SRO package name collision between official and community version 2010073 - uninstalling and then reinstalling sriov-network-operator is not working 2010174 - 2 PVs get created unexpectedly with different paths that actually refer to the same device on the node. 2010181 - Environment variables not getting reset on reload on deployment edit form 2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2010341 - OpenShift Alerting Rules Style-Guide Compliance 2010342 - Local console builds can have out of memory errors2010345 - OpenShift Alerting Rules Style-Guide Compliance 2010348 - Reverts PIE build mode for K8S components 2010352 - OpenShift Alerting Rules Style-Guide Compliance 2010354 - OpenShift Alerting Rules Style-Guide Compliance 2010359 - OpenShift Alerting Rules Style-Guide Compliance 2010368 - OpenShift Alerting Rules Style-Guide Compliance 2010376 - OpenShift Alerting Rules Style-Guide Compliance 2010662 - Cluster is unhealthy after image-registry-operator tests 2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent) 2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API 2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address 2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing 2010864 - Failure building EFS operator 2010910 - ptp worker events unable to identify interface for multiple interfaces 2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24 2010921 - Azure Stack Hub does not handle additionalTrustBundle 2010931 - SRO CSV uses non default category "Drivers and plugins" 2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well. 2011038 - optional operator conditions are confusing 2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass 2011171 - diskmaker-manager constantly redeployed by LSO when creating LV's 2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image 2011368 - Tooltip in pipeline visualization shows misleading data 2011386 - [sig-arch] Check if alerts are firing during or after upgrade success --- alert KubePodNotReady fired for 60 seconds with labels 2011411 - Managed Service's Cluster overview page contains link to missing Storage dashboards 2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster 2011513 - Kubelet rejects pods that use resources that should be freed by completed pods 2011668 - Machine stuck in deleting phase in VMware "reconciler failed to Delete machine" 2011693 - (release-4.10) "insightsclient_request_recvreport_total" metric is always incremented 2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore 2011733 - Repository README points to broken documentarion link 2011753 - Ironic resumes clean before raid configuration job is actually completed 2011809 - The nodes page in the openshift console doesn't work. You just get a blank page 2011822 - Obfuscation doesn't work at clusters with OVN 2011882 - SRO helm charts not synced with templates 2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot 2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages 2011903 - vsphere-problem-detector: session leak 2011927 - OLM should allow users to specify a proxy for GRPC connections 2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods 2011960 - [tracker] Storage operator is not available after reboot cluster instances 2011971 - ICNI2 pods are stuck in ContainerCreating state 2011972 - Ingress operator not creating wildcard route for hypershift clusters2011977 - SRO bundle references non-existent image 2012069 - Refactoring Status controller 2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI 2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group 2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)" 2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig 2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off 2012407 - [e2e][automation] improve vm tab console tests 2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don't have namespace label 2012562 - migration condition is not detected in list view 2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written 2012780 - The port 50936 used by haproxy is occupied by kube-apiserver 2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working 2012902 - Neutron Ports assigned to Completed Pods are not reused Edit 2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack 2012971 - Disable operands deletes 2013034 - Cannot install to openshift-nmstate namespace 2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine) 2013199 - post reboot of node SRIOV policy taking huge time 2013203 - UI breaks when trying to create block pool before storage cluster/system creation 2013222 - Full breakage for nightly payload promotion 2013273 - Nil pointer exception when phc2sys options are missing 2013321 - TuneD: high CPU utilization of the TuneD daemon. 2013416 - Multiple assets emit different content to the same filename 2013431 - Application selector dropdown has incorrect font-size and positioning 2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8 2013545 - Service binding created outside topology is not visible 2013599 - Scorecard support storage is not included in ocp4.9 2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide) 2013646 - fsync controller will show false positive if gaps in metrics are observed. 2013710 - ZTP Operator subscriptions for 4.9 release branch should point to 4.9 by default 2013751 - Service details page is showing wrong in-cluster hostname 2013787 - There are two tittle 'Network Attachment Definition Details' on NAD details page 2013871 - Resource table headings are not aligned with their column data 2013895 - Cannot enable accelerated network via MachineSets on Azure 2013920 - "--collector.filesystem.ignored-mount-points is DEPRECATED and will be removed in 2.0.0, use --collector.filesystem.mount-points-exclude" 2013930 - Create Buttons enabled for Bucket Class, Backingstore and Namespace Store in the absence of Storagesystem(or MCG) 2013969 - oVIrt CSI driver fails on creating PVCs on hosted engine storage domain 2013990 - Observe dashboard crashs on reload when perspective has changed (in another tab) 2013996 - Project detail page: Action "Delete Project" does nothing for the default project 2014071 - Payload imagestream new tags not properly updated during cluster upgrade 2014153 - SRIOV exclusive pooling 2014202 - [OCP-4.8.10] OVN-Kubernetes: service IP is not responding when egressIP set to the namespace 2014238 - AWS console test is failing on importing duplicate YAML definitions 2014245 - Several aria-labels, external links, and labels aren't internationalized 2014248 - Several files aren't internationalized 2014352 - Could not filter out machine by using node name on machines page 2014464 - Unexpected spacing/padding below navigation groups in developer perspective 2014471 - Helm Release notes tab is not automatically open after installing a chart for other languages 2014486 - Integration Tests: OLM single namespace operator tests failing 2014488 - Custom operator cannot change orders of condition tables 2014497 - Regex slows down different forms and creates too much recursion errors in the log 2014538 - Kuryr controller crash looping on self._get_vip_port(loadbalancer).id 'NoneType' object has no attribute 'id' 2014614 - Metrics scraping requests should be assigned to exempt priority level 2014710 - TestIngressStatus test is broken on Azure 2014954 - The prometheus-k8s-{0,1} pods are CrashLoopBackoff repeatedly 2014995 - oc adm must-gather cannot gather audit logs with 'None' audit profile 2015115 - [RFE] PCI passthrough 2015133 - [IBMCLOUD] ServiceID API key credentials seems to be insufficient for ccoctl '--resource-group-name' parameter 2015154 - Support ports defined networks and primarySubnet 2015274 - Yarn dev fails after updates to dynamic plugin JSON schema logic 2015337 - 4.9.0 GA MetalLB operator image references need to be adjusted to match production 2015386 - Possibility to add labels to the built-in OCP alerts 2015395 - Table head on Affinity Rules modal is not fully expanded 2015416 - CI implementation for Topology plugin 2015418 - Project Filesystem query returns No datapoints found 2015420 - No vm resource in project view's inventory 2015422 - No conflict checking on snapshot name 2015472 - Form and YAML view switch button should have distinguishable status 2015481 - [4.10] sriov-network-operator daemon pods are failing to start 2015493 - Cloud Controller Manager Operator does not respect 'additionalTrustBundle' setting 2015496 - Storage - PersistentVolumes : Claim colum value 'No Claim' in English 2015498 - [UI] Add capacity when not applicable (for MCG only deployment and External mode cluster) fails to pass any info. to user and tries to just load a blank screen on 'Add Capacity' button click 2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu 2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain. 2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart 'x% used' is in English 2015549 - Observe - Metrics: Column heading and pagination text is in English 2015557 - Workloads - DeploymentConfigs : Error message is in English 2015568 - Compute - Nodes : CPU column's values are in English 2015635 - Storage operator fails causing installation to fail on ASH 2015660 - "Finishing boot source customization" screen should not use term "patched" 2015793 - [hypershift] The collect-profiles job's pods should run on the control-plane node 2015806 - Metrics view in Deployment reports "Forbidden" when not cluster-admin 2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning 2015837 - OS_CLOUD overwrites install-config's platform.openstack.cloud 2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch 2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail 2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed) 2016008 - [4.10] Bootimage bump tracker 2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver 2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator 2016054 - No e2e CI presubmit configured for release component cluster-autoscaler 2016055 - No e2e CI presubmit configured for release component console 2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8" 2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager 2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters. 2016179 - Add Sprint 208 translations 2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager 2016235 - should update to 7.5.11 for grafana resources version label 2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails 2016334 - shiftstack: SRIOV nic reported as not supported 2016352 - Some pods start before CA resources are present 2016367 - Empty task box is getting created for a pipeline without finally task 2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts 2016438 - Feature flag gating is missing in few extensions contributed via knative plugin 2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc 2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets 2016453 - Complete i18n for GaugeChart defaults 2016479 - iface-id-ver is not getting updated for existing lsp 2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear 2016951 - dynamic actions list is not disabling "open console" for stopped vms 2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available 2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances 2017016 - [REF] Virtualization menu 2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn 2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly 2017130 - t is not a function error navigating to details page 2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue 2017244 - ovirt csi operator static files creation is in the wrong order 2017276 - [4.10] Volume mounts not created with the correct security context 2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed. 2017427 - NTO does not restart TuneD daemon when profile application is taking too long 2017535 - Broken Argo CD link image on GitOps Details Page 2017547 - Siteconfig application sync fails with The AgentClusterInstall is invalid: spec.provisionRequirements.controlPlaneAgents: Required value when updating images references 2017564 - On-prem prepender dispatcher script overwrites DNS search settings 2017565 - CCMO does not handle additionalTrustBundle on Azure Stack 2017566 - MetalLB: Web Console -Create Address pool form shows address pool name twice 2017606 - [e2e][automation] add test to verify send key for VNC console 2017650 - [OVN]EgressFirewall cannot be applied correctly if cluster has windows nodes 2017656 - VM IP address is "undefined" under VM details -> ssh field 2017663 - SSH password authentication is disabled when public key is not supplied 2017680 - [gcp] Couldn’t enable support for instances with GPUs on GCP 2017732 - [KMS] Prevent creation of encryption enabled storageclass without KMS connection set 2017752 - (release-4.10) obfuscate identity provider attributes in collected authentication.operator.openshift.io resource 2017756 - overlaySize setting on containerruntimeconfig is ignored due to cri-o defaults 2017761 - [e2e][automation] dummy bug for 4.9 test dependency 2017872 - Add Sprint 209 translations 2017874 - The installer is incorrectly checking the quota for X instances instead of G and VT instances 2017879 - Add Chinese translation for "alternate" 2017882 - multus: add handling of pod UIDs passed from runtime 2017909 - [ICNI 2.0] ovnkube-masters stop processing add/del events for pods 2018042 - HorizontalPodAutoscaler CPU averageValue did not show up in HPA metrics GUI 2018093 - Managed cluster should ensure control plane pods do not run in best-effort QoS 2018094 - the tooltip length is limited 2018152 - CNI pod is not restarted when It cannot start servers due to ports being used 2018208 - e2e-metal-ipi-ovn-ipv6 are failing 75% of the time 2018234 - user settings are saved in local storage instead of on cluster 2018264 - Delete Export button doesn't work in topology sidebar (general issue with unknown CSV?) 2018272 - Deployment managed by link and topology sidebar links to invalid resource page (at least for Exports) 2018275 - Topology graph doesn't show context menu for Export CSV 2018279 - Edit and Delete confirmation modals for managed resource should close when the managed resource is clicked 2018380 - Migrate docs links to access.redhat.com 2018413 - Error: context deadline exceeded, OCP 4.8.9 2018428 - PVC is deleted along with VM even with "Delete Disks" unchecked 2018445 - [e2e][automation] enhance tests for downstream 2018446 - [e2e][automation] move tests to different level 2018449 - [e2e][automation] add test about create/delete network attachment definition 2018490 - [4.10] Image provisioning fails with file name too long 2018495 - Fix typo in internationalization README 2018542 - Kernel upgrade does not reconcile DaemonSet 2018880 - Get 'No datapoints found.' when query metrics about alert rule KubeCPUQuotaOvercommit and KubeMemoryQuotaOvercommit 2018884 - QE - Adapt crw-basic feature file to OCP 4.9/4.10 changes 2018935 - go.sum not updated, that ART extracts version string from, WAS: Missing backport from 4.9 for Kube bump PR#950 2018965 - e2e-metal-ipi-upgrade is permafailing in 4.10 2018985 - The rootdisk size is 15Gi of windows VM in customize wizard 2019001 - AWS: Operator degraded (CredentialsFailing): 1 of 6 credentials requests are failing to sync. 2019096 - Update SRO leader election timeout to support SNO 2019129 - SRO in operator hub points to wrong repo for README 2019181 - Performance profile does not apply 2019198 - ptp offset metrics are not named according to the log output 2019219 - [IBMCLOUD]: cloud-provider-ibm missing IAM permissions in CCCMO CredentialRequest 2019284 - Stop action should not in the action list while VMI is not running 2019346 - zombie processes accumulation and Argument list too long 2019360 - [RFE] Virtualization Overview page 2019452 - Logger object in LSO appends to existing logger recursively 2019591 - Operator install modal body that scrolls has incorrect padding causing shadow position to be incorrect 2019634 - Pause and migration is enabled in action list for a user who has view only permission 2019636 - Actions in VM tabs should be disabled when user has view only permission 2019639 - "Take snapshot" should be disabled while VM image is still been importing 2019645 - Create button is not removed on "Virtual Machines" page for view only user 2019646 - Permission error should pop-up immediately while clicking "Create VM" button on template page for view only user 2019647 - "Remove favorite" and "Create new Template" should be disabled in template action list for view only user 2019717 - cant delete VM with un-owned pvc attached 2019722 - The shared-resource-csi-driver-node pod runs as “BestEffort” qosClass 2019739 - The shared-resource-csi-driver-node uses imagePullPolicy as "Always" 2019744 - [RFE] Suggest users to download newest RHEL 8 version 2019809 - [OVN][Upgrade] After upgrade to 4.7.34 ovnkube-master pods are in CrashLoopBackOff/ContainerCreating and other multiple issues at OVS/OVN level 2019827 - Display issue with top-level menu items running demo plugin 2019832 - 4.10 Nightlies blocked: Failed to upgrade authentication, operator was degraded 2019886 - Kuryr unable to finish ports recovery upon controller restart 2019948 - [RFE] Restructring Virtualization links 2019972 - The Nodes section doesn't display the csr of the nodes that are trying to join the cluster 2019977 - Installer doesn't validate region causing binary to hang with a 60 minute timeout 2019986 - Dynamic demo plugin fails to build 2019992 - instance:node_memory_utilisation:ratio metric is incorrect 2020001 - Update dockerfile for demo dynamic plugin to reflect dir change 2020003 - MCD does not regard "dangling" symlinks as a files, attempts to write through them on next backup, resulting in "not writing through dangling symlink" error and degradation. 2020107 - cluster-version-operator: remove runlevel from CVO namespace 2020153 - Creation of Windows high performance VM fails 2020216 - installer: Azure storage container blob where is stored bootstrap.ign file shouldn't be public 2020250 - Replacing deprecated ioutil 2020257 - Dynamic plugin with multiple webpack compilation passes may fail to build 2020275 - ClusterOperators link in console returns blank page during upgrades 2020377 - permissions error while using tcpdump option with must-gather 2020489 - coredns_dns metrics don't include the custom zone metrics data due to CoreDNS prometheus plugin is not defined 2020498 - "Show PromQL" button is disabled 2020625 - [AUTH-52] User fails to login from web console with keycloak OpenID IDP after enable group membership sync feature 2020638 - [4.7] CI conformance test failures related to CustomResourcePublishOpenAPI 2020664 - DOWN subports are not cleaned up 2020904 - When trying to create a connection from the Developer view between VMs, it fails 2021016 - 'Prometheus Stats' of dashboard 'Prometheus Overview' miss data on console compared with Grafana 2021017 - 404 page not found error on knative eventing page 2021031 - QE - Fix the topology CI scripts 2021048 - [RFE] Added MAC Spoof check 2021053 - Metallb operator presented as community operator 2021067 - Extensive number of requests from storage version operator in cluster 2021081 - Missing PolicyGenTemplate for configuring Local Storage Operator LocalVolumes 2021135 - [azure-file-csi-driver] "make unit-test" returns non-zero code, but tests pass 2021141 - Cluster should allow a fast rollout of kube-apiserver is failing on single node 2021151 - Sometimes the DU node does not get the performance profile configuration applied and MachineConfigPool stays stuck in Updating 2021152 - imagePullPolicy is "Always" for ptp operator images 2021191 - Project admins should be able to list available network attachment defintions 2021205 - Invalid URL in git import form causes validation to not happen on URL change 2021322 - cluster-api-provider-azure should populate purchase plan information 2021337 - Dynamic Plugins: ResourceLink doesn't render when passed a groupVersionKind 2021364 - Installer requires invalid AWS permission s3:GetBucketReplication 2021400 - Bump documentationBaseURL to 4.10 2021405 - [e2e][automation] VM creation wizard Cloud Init editor 2021433 - "[sig-builds][Feature:Builds][pullsearch] docker build where the registry is not specified" test fail permanently on disconnected 2021466 - [e2e][automation] Windows guest tool mount 2021544 - OCP 4.6.44 - Ingress VIP assigned as secondary IP in ovs-if-br-ex and added to resolv.conf as nameserver 2021551 - Build is not recognizing the USER group from an s2i image 2021607 - Unable to run openshift-install with a vcenter hostname that begins with a numeric character 2021629 - api request counts for current hour are incorrect 2021632 - [UI] Clicking on odf-operator breadcrumb from StorageCluster details page displays empty page 2021693 - Modals assigned modal-lg class are no longer the correct width 2021724 - Observe > Dashboards: Graph lines are not visible when obscured by other lines 2021731 - CCO occasionally down, reporting networksecurity.googleapis.com API as disabled 2021936 - Kubelet version in RPMs should be using Dockerfile label instead of git tags 2022050 - [BM][IPI] Failed during bootstrap - unable to read client-key /var/lib/kubelet/pki/kubelet-client-current.pem 2022053 - dpdk application with vhost-net is not able to start 2022114 - Console logging every proxy request 2022144 - 1 of 3 ovnkube-master pods stuck in clbo after ipi bm deployment - dualstack (Intermittent) 2022251 - wait interval in case of a failed upload due to 403 is unnecessarily long 2022399 - MON_DISK_LOW troubleshooting guide link when clicked, gives 404 error . 2022447 - ServiceAccount in manifests conflicts with OLM 2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules. 2022509 - getOverrideForManifest does not check manifest.GVK.Group 2022536 - WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache 2022612 - no namespace field for "Kubernetes / Compute Resources / Namespace (Pods)" admin console dashboard 2022627 - Machine object not picking up external FIP added to an openstack vm 2022646 - configure-ovs.sh failure - Error: unknown connection 'WARN:' 2022707 - Observe / monitoring dashboard shows forbidden errors on Dev Sandbox 2022801 - Add Sprint 210 translations 2022811 - Fix kubelet log rotation file handle leak 2022812 - [SCALE] ovn-kube service controller executes unnecessary load balancer operations 2022824 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests 2022880 - Pipeline renders with minor visual artifact with certain task dependencies 2022886 - Incorrect URL in operator description 2023042 - CRI-O filters custom runtime allowed annotation when both custom workload and custom runtime sections specified under the config 2023060 - [e2e][automation] Windows VM with CDROM migration 2023077 - [e2e][automation] Home Overview Virtualization status 2023090 - [e2e][automation] Examples of Import URL for VM templates 2023102 - [e2e][automation] Cloudinit disk of VM from custom template 2023216 - ACL for a deleted egressfirewall still present on node join switch 2023228 - Remove Tech preview badge on Trigger components 1.6 OSP on OCP 4.9 2023238 - [sig-devex][Feature:ImageEcosystem][python][Slow] hot deploy for openshift python image Django example should work with hot deploy 2023342 - SCC admission should take ephemeralContainers into account 2023356 - Devfiles can't be loaded in Safari on macOS (403 - Forbidden) 2023434 - Update Azure Machine Spec API to accept Marketplace Images 2023500 - Latency experienced while waiting for volumes to attach to node 2023522 - can't remove package from index: database is locked 2023560 - "Network Attachment Definitions" has no project field on the top in the list view 2023592 - [e2e][automation] add mac spoof check for nad 2023604 - ACL violation when deleting a provisioning-configuration resource 2023607 - console returns blank page when normal user without any projects visit Installed Operators page 2023638 - Downgrade support level for extended control plane integration to Dev Preview 2023657 - inconsistent behaviours of adding ssh key on rhel node between 4.9 and 4.10 2023675 - Changing CNV Namespace 2023779 - Fix Patch 104847 in 4.9 2023781 - initial hardware devices is not loading in wizard 2023832 - CCO updates lastTransitionTime for non-Status changes 2023839 - Bump recommended FCOS to 34.20211031.3.0 2023865 - Console css overrides prevent dynamic plug-in PatternFly tables from displaying correctly 2023950 - make test-e2e-operator on kubernetes-nmstate results in failure to pull image from "registry:5000" repository 2023985 - [4.10] OVN idle service cannot be accessed after upgrade from 4.8 2024055 - External DNS added extra prefix for the TXT record 2024108 - Occasionally node remains in SchedulingDisabled state even after update has been completed sucessfully 2024190 - e2e-metal UPI is permafailing with inability to find rhcos.json 2024199 - 400 Bad Request error for some queries for the non admin user 2024220 - Cluster monitoring checkbox flickers when installing Operator in all-namespace mode 2024262 - Sample catalog is not displayed when one API call to the backend fails 2024309 - cluster-etcd-operator: defrag controller needs to provide proper observability 2024316 - modal about support displays wrong annotation 2024328 - [oVirt / RHV] PV disks are lost when machine deleted while node is disconnected 2024399 - Extra space is in the translated text of "Add/Remove alternate service" on Create Route page 2024448 - When ssh_authorized_keys is empty in form view it should not appear in yaml view 2024493 - Observe > Alerting > Alerting rules page throws error trying to destructure undefined 2024515 - test-blocker: Ceph-storage-plugin tests failing 2024535 - hotplug disk missing OwnerReference 2024537 - WINDOWS_IMAGE_LINK does not refer to windows cloud image 2024547 - Detail page is breaking for namespace store , backing store and bucket class. 2024551 - KMS resources not getting created for IBM FlashSystem storage 2024586 - Special Resource Operator(SRO) - Empty image in BuildConfig when using RT kernel 2024613 - pod-identity-webhook starts without tls 2024617 - vSphere CSI tests constantly failing with Rollout of the monitoring stack failed and is degraded 2024665 - Bindable services are not shown on topology 2024731 - linuxptp container: unnecessary checking of interfaces 2024750 - i18n some remaining OLM items 2024804 - gcp-pd-csi-driver does not use trusted-ca-bundle when cluster proxy configured 2024826 - [RHOS/IPI] Masters are not joining a clusters when installing on OpenStack 2024841 - test Keycloak with latest tag 2024859 - Not able to deploy an existing image from private image registry using developer console 2024880 - Egress IP breaks when network policies are applied 2024900 - Operator upgrade kube-apiserver 2024932 - console throws "Unauthorized" error after logging out 2024933 - openshift-sync plugin does not sync existing secrets/configMaps on start up 2025093 - Installer does not honour diskformat specified in storage policy and defaults to zeroedthick 2025230 - ClusterAutoscalerUnschedulablePods should not be a warning 2025266 - CreateResource route has exact prop which need to be removed 2025301 - [e2e][automation] VM actions availability in different VM states 2025304 - overwrite storage section of the DV spec instead of the pvc section 2025431 - [RFE]Provide specific windows source link 2025458 - [IPI-AWS] cluster-baremetal-operator pod in a crashloop state after patching from 4.7.21 to 4.7.36 2025464 - [aws] openshift-install gather bootstrap collects logs for bootstrap and only one master node 2025467 - [OVN-K][ETP=local] Host to service backed by ovn pods doesn't work for ExternalTrafficPolicy=local 2025481 - Update VM Snapshots UI 2025488 - [DOCS] Update the doc for nmstate operator installation 2025592 - ODC 4.9 supports invalid devfiles only 2025765 - It should not try to load from storageProfile after unchecking"Apply optimized StorageProfile settings" 2025767 - VMs orphaned during machineset scaleup 2025770 - [e2e] non-priv seems looking for v2v-vmware configMap in ns "kubevirt-hyperconverged" while using customize wizard 2025788 - [IPI on azure]Pre-check on IPI Azure, should check VM Size’s vCPUsAvailable instead of vCPUs for the sku. 2025821 - Make "Network Attachment Definitions" available to regular user 2025823 - The console nav bar ignores plugin separator in existing sections 2025830 - CentOS capitalizaion is wrong 2025837 - Warn users that the RHEL URL expire 2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-* 2025903 - [UI] RoleBindings tab doesn't show correct rolebindings 2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2026178 - OpenShift Alerting Rules Style-Guide Compliance 2026209 - Updation of task is getting failed (tekton hub integration) 2026223 - Internal error occurred: failed calling webhook "ptpconfigvalidationwebhook.openshift.io" 2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates 2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct 2026352 - Kube-Scheduler revision-pruner fail during install of new cluster 2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment 2026383 - Error when rendering custom Grafana dashboard through ConfigMap 2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation 2026396 - Cachito Issues: sriov-network-operator Image build failure 2026488 - openshift-controller-manager - delete event is repeating pathologically 2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined. 2026560 - Cluster-version operator does not remove unrecognized volume mounts 2026699 - fixed a bug with missing metadata 2026813 - add Mellanox CX-6 Lx DeviceID 101f NIC support in SR-IOV Operator 2026898 - Description/details are missing for Local Storage Operator 2027132 - Use the specific icon for Fedora and CentOS template 2027238 - "Node Exporter / USE Method / Cluster" CPU utilization graph shows incorrect legend 2027272 - KubeMemoryOvercommit alert should be human readable 2027281 - [Azure] External-DNS cannot find the private DNS zone in the resource group 2027288 - Devfile samples can't be loaded after fixing it on Safari (redirect caching issue) 2027299 - The status of checkbox component is not revealed correctly in code 2027311 - K8s watch hooks do not work when fetching core resources 2027342 - Alert ClusterVersionOperatorDown is firing on OpenShift Container Platform after ca certificate rotation 2027363 - The azure-file-csi-driver and azure-file-csi-driver-operator don't use the downstream images 2027387 - [IBMCLOUD] Terraform ibmcloud-provider buffers entirely the qcow2 image causing spikes of 5GB of RAM during installation 2027498 - [IBMCloud] SG Name character length limitation 2027501 - [4.10] Bootimage bump tracker 2027524 - Delete Application doesn't delete Channels or Brokers2027563 - e2e/add-flow-ci.feature fix accessibility violations 2027585 - CVO crashes when changing spec.upstream to a cincinnati graph which includes invalid conditional edges 2027629 - Gather ValidatingWebhookConfiguration and MutatingWebhookConfiguration resource definitions 2027685 - openshift-cluster-csi-drivers pods crashing on PSI 2027745 - default samplesRegistry prevents the creation of imagestreams when registrySources.allowedRegistries is enforced 2027824 - ovnkube-master CrashLoopBackoff: panic: Expected slice or struct but got string 2027917 - No settings in hostfirmwaresettings and schema objects for masters2027927 - sandbox creation fails due to obsolete option in /etc/containers/storage.conf 2027982 - nncp stucked at ConfigurationProgressing 2028019 - Max pending serving CSRs allowed in cluster machine approver is not right for UPI clusters2028024 - After deleting a SpecialResource, the node is still tagged although the driver is removed 2028030 - Panic detected in cluster-image-registry-operator pod 2028042 - Desktop viewer for Windows VM shows "no Service for the RDP (Remote Desktop Protocol) can be found" 2028054 - Cloud controller manager operator can't get leader lease when upgrading from 4.8 up to 4.9 2028106 - [RFE] Use dynamic plugin actions for kubevirt plugin 2028141 - Console tests doesn't pass on Node.js 15 and 16 2028160 - Remove i18nKey in network-policy-peer-selectors.tsx 2028162 - Add Sprint 210 translations 2028170 - Remove leading and trailing whitespace 2028174 - Add Sprint 210 part 2 translations 2028187 - Console build doesn't pass on Node.js 16 because node-sass doesn't support it 2028217 - Cluster-version operator does not default Deployment replicas to one 2028240 - Multiple CatalogSources causing higher CPU use than necessary 2028268 - Password parameters are listed in FirmwareSchema in spite that cannot and shouldn't be set in HostFirmwareSettings 2028325 - disableDrain should be set automatically on SNO 2028484 - AWS EBS CSI driver's livenessprobe does not respect operator's loglevel 2028531 - Missing netFilter to the list of parameters when platform is OpenStack 2028610 - Installer doesn't retry on GCP rate limiting 2028685 - LSO repeatedly reports errors while diskmaker-discovery pod is starting 2028695 - destroy cluster does not prune bootstrap instance profile 2028731 - The containerruntimeconfig controller has wrong assumption regarding the number of containerruntimeconfigs 2028802 - CRI-O panic due to invalid memory address or nil pointer dereference 2028816 - VLAN IDs not released on failures 2028881 - Override not working for the PerformanceProfile template 2028885 - Console should show an error context if it logs an error object 2028949 - Masthead dropdown item hover text color is incorrect 2028963 - Whereabouts should reconcile stranded IP addresses 2029034 - enabling ExternalCloudProvider leads to inoperative cluster 2029178 - Create VM with wizard - page is not displayed 2029181 - Missing CR from PGT 2029273 - wizard is not able to use if project field is "All Projects" 2029369 - Cypress tests github rate limit errors2029371 - patch pipeline--worker nodes unexpectedly reboot during scale out 2029394 - missing empty text for hardware devices at wizard review 2029414 - Alibaba Disk snapshots with XFS filesystem cannot be used 2029416 - Alibaba Disk CSI driver does not use credentials provided by CCO / ccoctl 2029521 - EFS CSI driver cannot delete volumes under load 2029570 - Azure Stack Hub: CSI Driver does not use user-ca-bundle 2029579 - Clicking on an Application which has a Helm Release in it causes an error 2029644 - New resource FirmwareSchema - reset_required exists for Dell machines and doesn't for HPE 2029645 - Sync upstream 1.15.0 downstream 2029671 - VM action "pause" and "clone" should be disabled while VM disk is still being importing 2029742 - [ovn] Stale lr-policy-list and snat rules left for egressip 2029750 - cvo keep restart due to it fail to get feature gate value during the initial start stage 2029785 - CVO panic when an edge is included in both edges and conditionaledges 2029843 - Downstream ztp-site-generate-rhel8 4.10 container image missing content(/home/ztp) 2030003 - HFS CRD: Attempt to set Integer parameter to not-numeric string value - no error 2030029 - [4.10][goroutine]Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace 2030228 - Fix StorageSpec resources field to use correct API 2030229 - Mirroring status card reflect wrong data 2030240 - Hide overview page for non-privileged user 2030305 - Export App job do not completes 2030347 - kube-state-metrics exposes metrics about resource annotations 2030364 - Shared resource CSI driver monitoring is not setup correctly 2030488 - Numerous Azure CI jobs are Failing with Partially Rendered machinesets 2030534 - Node selector/tolerations rules are evaluated too early 2030539 - Prometheus is not highly available 2030556 - Don't display Description or Message fields for alerting rules if those annotations are missing 2030568 - Operator installation fails to parse operatorframework.io/initialization-resource annotation 2030574 - console service uses older "service.alpha.openshift.io" for the service serving certificates. 2030677 - BOND CNI: There is no option to configure MTU on a Bond interface 2030692 - NPE in PipelineJobListener.upsertWorkflowJob 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache 2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error 2030847 - PerformanceProfile API version should be v2 2030961 - Customizing the OAuth server URL does not apply to upgraded cluster 2031006 - Application name input field is not autofocused when user selects "Create application" 2031012 - Services of type loadbalancer do not work if the traffic reaches the node from an interface different from br-ex 2031040 - Error screen when open topology sidebar for a Serverless / knative service which couldn't be started 2031049 - [vsphere upi] pod machine-config-operator cannot be started due to panic issue 2031057 - Topology sidebar for Knative services shows a small pod ring with "0 undefined" as tooltip 2031060 - Failing CSR Unit test due to expired test certificate 2031085 - ovs-vswitchd running more threads than expected 2031141 - Some pods not able to reach k8s api svc IP 198.223.0.1 2031228 - CVE-2021-43813 grafana: directory traversal vulnerability 2031502 - [RFE] New common templates crash the ui 2031685 - Duplicated forward upstreams should be removed from the dns operator 2031699 - The displayed ipv6 address of a dns upstream should be case sensitive 2031797 - [RFE] Order and text of Boot source type input are wrong 2031826 - CI tests needed to confirm driver-toolkit image contents 2031831 - OCP Console - Global CSS overrides affecting dynamic plugins 2031839 - Starting from Go 1.17 invalid certificates will render a cluster dysfunctional 2031858 - GCP beta-level Role (was: CCO occasionally down, reporting networksecurity.googleapis.com API as disabled) 2031875 - [RFE]: Provide online documentation for the SRO CRD (via oc explain) 2031926 - [ipv6dualstack] After SVC conversion from single stack only to RequireDualStack, cannot curl NodePort from the node itself 2032006 - openshift-gitops-application-controller-0 failed to schedule with sufficient node allocatable resource 2032111 - arm64 cluster, create project and deploy the example deployment, pod is CrashLoopBackOff due to the image is built on linux+amd64 2032141 - open the alertrule link in new tab, got empty page 2032179 - [PROXY] external dns pod cannot reach to cloud API in the cluster behind a proxy 2032296 - Cannot create machine with ephemeral disk on Azure 2032407 - UI will show the default openshift template wizard for HANA template 2032415 - Templates page - remove "support level" badge and add "support level" column which should not be hard coded 2032421 - [RFE] UI integration with automatic updated images 2032516 - Not able to import git repo with .devfile.yaml 2032521 - openshift-installer intermittent failure on AWS with "Error: Provider produced inconsistent result after apply" when creating the aws_vpc_dhcp_options_association resource 2032547 - hardware devices table have filter when table is empty 2032565 - Deploying compressed files with a MachineConfig resource degrades the MachineConfigPool 2032566 - Cluster-ingress-router does not support Azure Stack 2032573 - Adopting enforces deploy_kernel/ramdisk which does not work with deploy_iso 2032589 - DeploymentConfigs ignore resolve-names annotation 2032732 - Fix styling conflicts due to recent console-wide CSS changes 2032831 - Knative Services and Revisions are not shown when Service has no ownerReference 2032851 - Networking is "not available" in Virtualization Overview 2032926 - Machine API components should use K8s 1.23 dependencies 2032994 - AddressPool IP is not allocated to service external IP wtih aggregationLength 24 2032998 - Can not achieve 250 pods/node with OVNKubernetes in a multiple worker node cluster 2033013 - Project dropdown in user preferences page is broken 2033044 - Unable to change import strategy if devfile is invalid 2033098 - Conjunction in ProgressiveListFooter.tsx is not translatable 2033111 - IBM VPC operator library bump removed global CLI args 2033138 - "No model registered for Templates" shows on customize wizard 2033215 - Flaky CI: crud/other-routes.spec.ts fails sometimes with an cypress ace/a11y AssertionError: 1 accessibility violation was detected 2033239 - [IPI on Alibabacloud] 'openshift-install' gets the wrong region (‘cn-hangzhou’) selected 2033257 - unable to use configmap for helm charts 2033271 - [IPI on Alibabacloud] destroying cluster succeeded, but the resource group deletion wasn’t triggered 2033290 - Product builds for console are failing 2033382 - MAPO is missing machine annotations 2033391 - csi-driver-shared-resource-operator sets unused CVO-manifest annotations 2033403 - Devfile catalog does not show provider information 2033404 - Cloud event schema is missing source type and resource field is using wrong value 2033407 - Secure route data is not pre-filled in edit flow form 2033422 - CNO not allowing LGW conversion from SGW in runtime 2033434 - Offer darwin/arm64 oc in clidownloads 2033489 - CCM operator failing on baremetal platform 2033518 - [aws-efs-csi-driver]Should not accept invalid FSType in sc for AWS EFS driver 2033524 - [IPI on Alibabacloud] interactive installer cannot list existing base domains 2033536 - [IPI on Alibabacloud] bootstrap complains invalid value for alibabaCloud.resourceGroupID when updating "cluster-infrastructure-02-config.yml" status, which leads to bootstrap failed and all master nodes NotReady 2033538 - Gather Cost Management Metrics Custom Resource 2033579 - SRO cannot update the special-resource-lifecycle ConfigMap if the data field is undefined 2033587 - Flaky CI test project-dashboard.scenario.ts: Resource Quotas Card was not found on project detail page 2033634 - list-style-type: disc is applied to the modal dropdowns 2033720 - Update samples in 4.10 2033728 - Bump OVS to 2.16.0-33 2033729 - remove runtime request timeout restriction for azure 2033745 - Cluster-version operator makes upstream update service / Cincinnati requests more frequently than intended 2033749 - Azure Stack Terraform fails without Local Provider 2033750 - Local volume should pull multi-arch image for kube-rbac-proxy 2033751 - Bump kubernetes to 1.23 2033752 - make verify fails due to missing yaml-patch 2033784 - set kube-apiserver degraded=true if webhook matches a virtual resource 2034004 - [e2e][automation] add tests for VM snapshot improvements 2034068 - [e2e][automation] Enhance tests for 4.10 downstream 2034087 - [OVN] EgressIP was assigned to the node which is not egress node anymore 2034097 - [OVN] After edit EgressIP object, the status is not correct 2034102 - [OVN] Recreate the deleted EgressIP object got InvalidEgressIP warning 2034129 - blank page returned when clicking 'Get started' button 2034144 - [OVN AWS] ovn-kube egress IP monitoring cannot detect the failure on ovn-k8s-mp0 2034153 - CNO does not verify MTU migration for OpenShiftSDN 2034155 - [OVN-K] [Multiple External Gateways] Per pod SNAT is disabled 2034170 - Use function.knative.dev for Knative Functions related labels 2034190 - unable to add new VirtIO disks to VMs 2034192 - Prometheus fails to insert reporting metrics when the sample limit is met 2034243 - regular user cant load template list 2034245 - installing a cluster on aws, gcp always fails with "Error: Incompatible provider version" 2034248 - GPU/Host device modal is too small 2034257 - regular user `Create VM` missing permissions alert 2034285 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial] 2034287 - do not block upgrades if we can't create storageclass in 4.10 in vsphere 2034300 - Du validator policy is NonCompliant after DU configuration completed 2034319 - Negation constraint is not validating packages 2034322 - CNO doesn't pick up settings required when ExternalControlPlane topology 2034350 - The CNO should implement the Whereabouts IP reconciliation cron job 2034362 - update description of disk interface 2034398 - The Whereabouts IPPools CRD should include the podref field 2034409 - Default CatalogSources should be pointing to 4.10 index images 2034410 - Metallb BGP, BFD: prometheus is not scraping the frr metrics 2034413 - cloud-network-config-controller fails to init with secret "cloud-credentials" not found in manual credential mode 2034460 - Summary: cloud-network-config-controller does not account for different environment 2034474 - Template's boot source is "Unknown source" before and after set enableCommonBootImageImport to true 2034477 - [OVN] Multiple EgressIP objects configured, EgressIPs weren't working properly 2034493 - Change cluster version operator log level 2034513 - [OVN] After update one EgressIP in EgressIP object, one internal IP lost from lr-policy-list 2034527 - IPI deployment fails 'timeout reached while inspecting the node' when provisioning network ipv6 2034528 - [IBM VPC] volumeBindingMode should be WaitForFirstConsumer 2034534 - Update ose-machine-api-provider-openstack images to be consistent with ART 2034537 - Update team 2034559 - KubeAPIErrorBudgetBurn firing outside recommended latency thresholds 2034563 - [Azure] create machine with wrong ephemeralStorageLocation value success 2034577 - Current OVN gateway mode should be reflected on node annotation as well 2034621 - context menu not popping up for application group 2034622 - Allow volume expansion by default in vsphere CSI storageclass 4.10 2034624 - Warn about unsupported CSI driver in vsphere operator 2034647 - missing volumes list in snapshot modal 2034648 - Rebase openshift-controller-manager to 1.23 2034650 - Rebase openshift/builder to 1.23 2034705 - vSphere: storage e2e tests logging configuration data 2034743 - EgressIP: assigning the same egress IP to a second EgressIP object after a ovnkube-master restart does not fail. 2034766 - Special Resource Operator(SRO) - no cert-manager pod created in dual stack environment 2034785 - ptpconfig with summary_interval cannot be applied 2034823 - RHEL9 should be starred in template list 2034838 - An external router can inject routes if no service is added 2034839 - Jenkins sync plugin does not synchronize ConfigMap having label role=jenkins-agent 2034879 - Lifecycle hook's name and owner shouldn't be allowed to be empty 2034881 - Cloud providers components should use K8s 1.23 dependencies 2034884 - ART cannot build the image because it tries to download controller-gen 2034889 - `oc adm prune deployments` does not work 2034898 - Regression in recently added Events feature 2034957 - update openshift-apiserver to kube 1.23.1 2035015 - ClusterLogForwarding CR remains stuck remediating forever 2035093 - openshift-cloud-network-config-controller never runs on Hypershift cluster 2035141 - [RFE] Show GPU/Host devices in template's details tab 2035146 - "kubevirt-plugin~PVC cannot be empty" shows on add-disk modal while adding existing PVC 2035167 - [cloud-network-config-controller] unable to deleted cloudprivateipconfig when deleting 2035199 - IPv6 support in mtu-migration-dispatcher.yaml 2035239 - e2e-metal-ipi-virtualmedia tests are permanently failing 2035250 - Peering with ebgp peer over multi-hops doesn't work 2035264 - [RFE] Provide a proper message for nonpriv user who not able to add PCI devices 2035315 - invalid test cases for AWS passthrough mode 2035318 - Upgrade management workflow needs to allow custom upgrade graph path for disconnected env 2035321 - Add Sprint 211 translations 2035326 - [ExternalCloudProvider] installation with additional network on workers fails 2035328 - Ccoctl does not ignore credentials request manifest marked for deletion 2035333 - Kuryr orphans ports on 504 errors from Neutron 2035348 - Fix two grammar issues in kubevirt-plugin.json strings 2035393 - oc set data --dry-run=server makes persistent changes to configmaps and secrets 2035409 - OLM E2E test depends on operator package that's no longer published 2035439 - SDN Automatic assignment EgressIP on GCP returned node IP adress not egressIP address 2035453 - [IPI on Alibabacloud] 2 worker machines stuck in Failed phase due to connection to 'ecs-cn-hangzhou.aliyuncs.com' timeout, although the specified region is 'us-east-1' 2035454 - [IPI on Alibabacloud] the OSS bucket created during installation for image registry is not deleted after destroying the cluster 2035467 - UI: Queried metrics can't be ordered on Oberve->Metrics page 2035494 - [SDN Migration]ovnkube-node pods CrashLoopBackOff after sdn migrated to ovn for RHEL workers2035515 - [IBMCLOUD] allowVolumeExpansion should be true in storage class 2035602 - [e2e][automation] add tests for Virtualization Overview page cards 2035703 - Roles -> RoleBindings tab doesn't show RoleBindings correctly 2035704 - RoleBindings list page filter doesn't apply 2035705 - Azure 'Destroy cluster' get stuck when the cluster resource group is already not existing. 2035757 - [IPI on Alibabacloud] one master node turned NotReady which leads to installation failed 2035772 - AccessMode and VolumeMode is not reserved for customize wizard 2035847 - Two dashes in the Cronjob / Job pod name 2035859 - the output of opm render doesn't contain olm.constraint which is defined in dependencies.yaml 2035882 - [BIOS setting values] Create events for all invalid settings in spec 2035903 - One redundant capi-operator credential requests in “oc adm extract --credentials-requests” 2035910 - [UI] Manual approval options are missing after ODF 4.10 installation starts when Manual Update approval is chosen 2035927 - Cannot enable HighNodeUtilization scheduler profile 2035933 - volume mode and access mode are empty in customize wizard review tab 2035969 - "ip a " shows "Error: Peer netns reference is invalid" after create test pods 2035986 - Some pods under kube-scheduler/kube-controller-manager are using the deprecated annotation 2036006 - [BIOS setting values] Attempt to set Integer parameter results in preparation error 2036029 - New added cloud-network-config operator doesn’t supported aws sts format credential 2036096 - [azure-file-csi-driver] there are no e2e tests for NFS backend 2036113 - cluster scaling new nodes ovs-configuration fails on all new nodes 2036567 - [csi-driver-nfs] Upstream merge: Bump k8s libraries to 1.23 2036569 - [cloud-provider-openstack] Upstream merge: Bump k8s libraries to 1.23 2036577 - OCP 4.10 nightly builds from 4.10.0-0.nightly-s390x-2021-12-18-034912 to 4.10.0-0.nightly-s390x-2022-01-11-233015 fail to upgrade from OCP 4.9.11 and 4.9.12 for network type OVNKubernetes for zVM hypervisor environments 2036622 - sdn-controller crashes when restarted while a previous egress IP assignment exists 2036717 - Valid AlertmanagerConfig custom resource with valid a mute time interval definition is rejected 2036826 - `oc adm prune deployments` can prune the RC/RS 2036827 - The ccoctl still accepts CredentialsRequests without ServiceAccounts on GCP platform 2036861 - kube-apiserver is degraded while enable multitenant 2036937 - Command line tools page shows wrong download ODO link 2036940 - oc registry login fails if the file is empty or stdout 2036951 - [cluster-csi-snapshot-controller-operator] proxy settings is being injected in container 2036989 - Route URL copy to clipboard button wraps to a separate line by itself 2036990 - ZTP "DU Done inform policy" never becomes compliant on multi-node clusters2036993 - Machine API components should use Go lang version 1.17 2037036 - The tuned profile goes into degraded status and ksm.service is displayed in the log. 2037061 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cluster-api 2037073 - Alertmanager container fails to start because of startup probe never being successful 2037075 - Builds do not support CSI volumes 2037167 - Some log level in ibm-vpc-block-csi-controller are hard code 2037168 - IBM-specific Deployment manifest for package-server-manager should be excluded on non-IBM cluster-profiles 2037182 - PingSource badge color is not matched with knativeEventing color 2037203 - "Running VMs" card is too small in Virtualization Overview 2037209 - [IPI on Alibabacloud] worker nodes are put in the default resource group unexpectedly 2037237 - Add "This is a CD-ROM boot source" to customize wizard 2037241 - default TTL for noobaa cache buckets should be 0 2037246 - Cannot customize auto-update boot source 2037276 - [IBMCLOUD] vpc-node-label-updater may fail to label nodes appropriately 2037288 - Remove stale image reference 2037331 - Ensure the ccoctl behaviors are similar between aws and gcp on the existing resources 2037483 - Rbacs for Pods within the CBO should be more restrictive 2037484 - Bump dependencies to k8s 1.23 2037554 - Mismatched wave number error message should include the wave numbers that are in conflict 2037622 - [4.10-Alibaba CSI driver][Restore size for volumesnapshot/volumesnapshotcontent is showing as 0 in Snapshot feature for Alibaba platform] 2037635 - impossible to configure custom certs for default console route in ingress config 2037637 - configure custom certificate for default console route doesn't take effect for OCP >= 4.8 2037638 - Builds do not support CSI volumes as volume sources 2037664 - text formatting issue in Installed Operators list table 2037680 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :8080 2037689 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :8080 2037801 - Serverless installation is failing on CI jobs for e2e tests 2037813 - Metal Day 1 Networking - networkConfig Field Only Accepts String Format 2037856 - use lease for leader election 2037891 - 403 Forbidden error shows for all the graphs in each grafana dashboard after upgrade from 4.9 to 4.10 2037903 - Alibaba Cloud: delete-ram-user requires the credentials-requests 2037904 - upgrade operator deployment failed due to memory limit too low for manager container 2038021 - [4.10-Alibaba CSI driver][Default volumesnapshot class is not added/present after successful cluster installation] 2038034 - non-privileged user cannot see auto-update boot source 2038053 - Bump dependencies to k8s 1.23 2038088 - Remove ipa-downloader references 2038160 - The `default` project missed the annotation : openshift.io/node-selector: "" 2038166 - Starting from Go 1.17 invalid certificates will render a cluster non-functional 2038196 - must-gather is missing collecting some metal3 resources 2038240 - Error when configuring a file using permissions bigger than decimal 511 (octal 0777) 2038253 - Validator Policies are long lived 2038272 - Failures to build a PreprovisioningImage are not reported 2038384 - Azure Default Instance Types are Incorrect 2038389 - Failing test: [sig-arch] events should not repeat pathologically 2038412 - Import page calls the git file list unnecessarily twice from GitHub/GitLab/Bitbucket 2038465 - Upgrade chromedriver to 90.x to support Mac M1 chips 2038481 - kube-controller-manager-guard and openshift-kube-scheduler-guard pods being deleted and restarted on a cordoned node when drained 2038596 - Auto egressIP for OVN cluster on GCP: After egressIP object is deleted, egressIP still takes effect 2038663 - update kubevirt-plugin OWNERS 2038691 - [AUTH-8] Panic on user login when the user belongs to a group in the IdP side and the group already exists via "oc adm groups new" 2038705 - Update ptp reviewers2038761 - Open Observe->Targets page, wait for a while, page become blank 2038768 - All the filters on the Observe->Targets page can't work 2038772 - Some monitors failed to display on Observe->Targets page 2038793 - [SDN EgressIP] After reboot egress node, the egressip was lost from egress node 2038827 - should add user containers in /etc/subuid and /etc/subgid to support run pods in user namespaces 2038832 - New templates for centos stream8 are missing registry suggestions in create vm wizard 2038840 - [SDN EgressIP]cloud-network-config-controller pod was CrashLoopBackOff after some operation 2038864 - E2E tests fail because multi-hop-net was not created 2038879 - All Builds are getting listed in DeploymentConfig under workloads on OpenShift Console 2038934 - CSI driver operators should use the trusted CA bundle when cluster proxy is configured 2038968 - Move feature gates from a carry patch to openshift/api 2039056 - Layout issue with breadcrumbs on API explorer page 2039057 - Kind column is not wide enough in API explorer page 2039064 - Bulk Import e2e test flaking at a high rate 2039065 - Diagnose and fix Bulk Import e2e test that was previously disabled 2039085 - Cloud credential operator configuration failing to apply in hypershift/ROKS clusters2039099 - [OVN EgressIP GCP] After reboot egress node, egressip that was previously assigned got lost 2039109 - [FJ OCP4.10 Bug]: startironic.sh failed to pull the image of image-customization container when behind a proxy 2039119 - CVO hotloops on Service openshift-monitoring/cluster-monitoring-operator 2039170 - [upgrade]Error shown on registry operator "missing the cloud-provider-config configmap" after upgrade 2039227 - Improve image customization server parameter passing during installation 2039241 - Improve image customization server parameter passing during installation 2039244 - Helm Release revision history page crashes the UI 2039294 - SDN controller metrics cannot be consumed correctly by prometheus 2039311 - oc Does Not Describe Build CSI Volumes 2039315 - Helm release list page should only fetch secrets for deployed charts 2039321 - SDN controller metrics are not being consumed by prometheus 2039330 - Create NMState button doesn't work in OperatorHub web console 2039339 - cluster-ingress-operator should report Unupgradeable if user has modified the aws resources annotations 2039345 - CNO does not verify the minimum MTU value for IPv6/dual-stack clusters. 2039359 - `oc adm prune deployments` can't prune the RS where the associated Deployment no longer exists 2039382 - gather_metallb_logs does not have execution permission 2039406 - logout from rest session after vsphere operator sync is finished 2039408 - Add GCP region northamerica-northeast2 to allowed regions 2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration 2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment 2039491 - oc - git:// protocol used in unit tests 2039516 - Bump OVN to ovn21.12-21.12.0-25 2039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate 2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled 2039541 - Resolv-prepender script duplicating entries 2039586 - [e2e] update centos8 to centos stream8 2039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty 2039619 - [AWS] In tree provisioner storageclass aws disk type should contain 'gp3' and csi provisioner storageclass default aws disk type should be 'gp3' 2039670 - Create PDBs for control plane components 2039678 - Page goes blank when create image pull secret 2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported 2039743 - React missing key warning when open operator hub detail page (and maybe others as well) 2039756 - React missing key warning when open KnativeServing details 2039770 - Observe dashboard doesn't react on time-range changes after browser reload when perspective is changed in another tab 2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard 2039781 - [GSS] OBC is not visible by admin of a Project on Console 2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector 2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled 2039880 - Log level too low for control plane metrics 2039919 - Add E2E test for router compression feature 2039981 - ZTP for standard clusters installs stalld on master nodes 2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24. You can use --secure-port instead 2040136 - external-dns-operator pod keeps restarting and reports error: timed out waiting for cache to be synced 2040143 - [IPI on Alibabacloud] suggest to remove region "cn-nanjing" or provide better error message 2040150 - Update ConfigMap keys for IBM HPCS 2040160 - [IPI on Alibabacloud] installation fails when region does not support pay-by-bandwidth 2040285 - Bump build-machinery-go for console-operator to pickup change in yaml-patch repository 2040357 - bump OVN to ovn-2021-21.12.0-11.el8fdp 2040376 - "unknown instance type" error for supported m6i.xlarge instance 2040394 - Controller: enqueue the failed configmap till services update 2040467 - Cannot build ztp-site-generator container image 2040504 - Change AWS EBS GP3 IOPS in MachineSet doesn't take affect in OpenShift 4 2040521 - RouterCertsDegraded certificate could not validate route hostname v4-0-config-system-custom-router-certs.apps 2040535 - Auto-update boot source is not available in customize wizard 2040540 - ovs hardware offload: ovsargs format error when adding vf netdev name 2040603 - rhel worker scaleup playbook failed because missing some dependency of podman 2040616 - rolebindings page doesn't load for normal users2040620 - [MAPO] Error pulling MAPO image on installation 2040653 - Topology sidebar warns that another component is updated while rendering 2040655 - User settings update fails when selecting application in topology sidebar 2040661 - Different react warnings about updating state on unmounted components when leaving topology 2040670 - Permafailing CI job: periodic-ci-openshift-release-master-nightly-4.10-e2e-gcp-libvirt-cert-rotation 2040671 - [Feature:IPv6DualStack] most tests are failing in dualstack ipi 2040694 - Three upstream HTTPClientConfig struct fields missing in the operator 2040705 - Du policy for standard cluster runs the PTP daemon on masters and workers2040710 - cluster-baremetal-operator cannot update BMC subscription CR 2040741 - Add CI test(s) to ensure that metal3 components are deployed in vSphere, OpenStack and None platforms 2040782 - Import YAML page blocks input with more then one generateName attribute 2040783 - The Import from YAML summary page doesn't show the resource name if created via generateName attribute 2040791 - Default PGT policies must be 'inform' to integrate with the Lifecycle Operator 2040793 - Fix snapshot e2e failures 2040880 - do not block upgrades if we can't connect to vcenter 2041087 - MetalLB: MetalLB CR is not upgraded automatically from 4.9 to 4.10 2041093 - autounattend.xml missing 2041204 - link to templates in virtualization-cluster-overview inventory card is to all templates 2041319 - [IPI on Alibabacloud] installation in region "cn-shanghai" failed, due to "Resource alicloud_vswitch CreateVSwitch Failed...InvalidCidrBlock.Overlapped" 2041326 - Should bump cluster-kube-descheduler-operator to kubernetes version V1.23 2041329 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cloud-network-config-controller 2041361 - [IPI on Alibabacloud] Disable session persistence and removebBandwidth peak of listener 2041441 - Provision volume with size 3000Gi even if sizeRange: '[10-2000]GiB' in storageclass on IBM cloud 2041466 - Kubedescheduler version is missing from the operator logs 2041475 - React components should have a (mostly) unique name in react dev tools to simplify code analyses 2041483 - MetallB: quay.io/openshift/origin-kube-rbac-proxy:4.10 deploy Metallb CR is missing (controller and speaker pods) 2041492 - Spacing between resources in inventory card is too small 2041509 - GCP Cloud provider components should use K8s 1.23 dependencies 2041510 - cluster-baremetal-operator doesn't run baremetal-operator's subscription webhook 2041541 - audit: ManagedFields are dropped using API not annotation 2041546 - ovnkube: set election timer at RAFT cluster creation time 2041554 - use lease for leader election 2041581 - KubeDescheduler operator log shows "Use of insecure cipher detected" 2041583 - etcd and api server cpu mask interferes with a guaranteed workload 2041598 - Including CA bundle in Azure Stack cloud config causes MCO failure 2041605 - Dynamic Plugins: discrepancy in proxy alias documentation/implementation 2041620 - bundle CSV alm-examples does not parse 2041641 - Fix inotify leak and kubelet retaining memory 2041671 - Delete templates leads to 404 page 2041694 - [IPI on Alibabacloud] installation fails when region does not support the cloud_essd disk category 2041734 - ovs hwol: VFs are unbind when switchdev mode is enabled 2041750 - [IPI on Alibabacloud] trying "create install-config" with region "cn-wulanchabu (China (Ulanqab))" (or "ap-southeast-6 (Philippines (Manila))", "cn-guangzhou (China (Guangzhou))") failed due to invalid endpoint 2041763 - The Observe > Alerting pages no longer have their default sort order applied 2041830 - CI: ovn-kubernetes-master-e2e-aws-ovn-windows is broken 2041854 - Communities / Local prefs are applied to all the services regardless of the pool, and only one community is applied 2041882 - cloud-network-config operator can't work normal on GCP workload identity cluster 2041888 - Intermittent incorrect build to run correlation, leading to run status updates applied to wrong build, builds stuck in non-terminal phases 2041926 - [IPI on Alibabacloud] Installer ignores public zone when it does not exist 2041971 - [vsphere] Reconciliation of mutating webhooks didn't happen 2041989 - CredentialsRequest manifests being installed for ibm-cloud-managed profile 2041999 - [PROXY] external dns pod cannot recognize custom proxy CA 2042001 - unexpectedly found multiple load balancers2042029 - kubedescheduler fails to install completely 2042036 - [IBMCLOUD] "openshift-install explain installconfig.platform.ibmcloud" contains not yet supported custom vpc parameters2042049 - Seeing warning related to unrecognized feature gate in kubescheduler & KCM logs 2042059 - update discovery burst to reflect lots of CRDs on openshift clusters2042069 - Revert toolbox to rhcos-toolbox 2042169 - Can not delete egressnetworkpolicy in Foreground propagation 2042181 - MetalLB: User should not be allowed add same bgp advertisement twice in BGP address pool 2042265 - [IBM]"--scale-down-utilization-threshold" doesn't work on IBMCloud 2042274 - Storage API should be used when creating a PVC 2042315 - Baremetal IPI deployment with IPv6 control plane and disabled provisioning network fails as the nodes do not pass introspection 2042366 - Lifecycle hooks should be independently managed 2042370 - [IPI on Alibabacloud] installer panics when the zone does not have an enhanced NAT gateway 2042382 - [e2e][automation] CI takes more then 2 hours to run 2042395 - Add prerequisites for active health checks test 2042438 - Missing rpms in openstack-installer image 2042466 - Selection does not happen when switching from Topology Graph to List View 2042493 - No way to verify if IPs with leading zeros are still valid in the apiserver 2042567 - insufficient info on CodeReady Containers configuration 2042600 - Alone, the io.kubernetes.cri-o.Devices option poses a security risk 2042619 - Overview page of the console is broken for hypershift clusters2042655 - [IPI on Alibabacloud] cluster becomes unusable if there is only one kube-apiserver pod running 2042711 - [IBMCloud] Machine Deletion Hook cannot work on IBMCloud 2042715 - [AliCloud] Machine Deletion Hook cannot work on AliCloud 2042770 - [IPI on Alibabacloud] with vpcID & vswitchIDs specified, the installer would still try creating NAT gateway unexpectedly 2042829 - Topology performance: HPA was fetched for each Deployment (Pod Ring) 2042851 - Create template from SAP HANA template flow - VM is created instead of a new template 2042906 - Edit machineset with same machine deletion hook name succeed 2042960 - azure-file CI fails with "gid(0) in storageClass and pod fsgroup(1000) are not equal" 2043003 - [IPI on Alibabacloud] 'destroy cluster' of a failed installation (bug2041694) stuck after 'stage=Nat gateways' 2043042 - [Serial] [sig-auth][Feature:OAuthServer] [RequestHeaders] [IdP] test RequestHeaders IdP [Suite:openshift/conformance/serial] 2043043 - Cluster Autoscaler should use K8s 1.23 dependencies 2043064 - Topology performance: Unnecessary rerenderings in topology nodes (unchanged mobx props) 2043078 - Favorite system projects not visible in the project selector after toggling "Show default projects". 2043117 - Recommended operators links are erroneously treated as external 2043130 - Update CSI sidecars to the latest release for 4.10 2043234 - Missing validation when creating several BGPPeers with the same peerAddress 2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler 2043254 - crio does not bind the security profiles directory 2043296 - Ignition fails when reusing existing statically-keyed LUKS volume 2043297 - [4.10] Bootimage bump tracker 2043316 - RHCOS VM fails to boot on Nutanix AOS 2043446 - Rebase aws-efs-utils to the latest upstream version. 2043556 - Add proper ci-operator configuration to ironic and ironic-agent images 2043577 - DPU network operator 2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator 2043675 - Too many machines deleted by cluster autoscaler when scaling down 2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation 2043709 - Logging flags no longer being bound to command line 2043721 - Installer bootstrap hosts using outdated kubelet containing bugs 2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather 2043759 - Bump cluster-ingress-operator to k8s.io/api 1.23 2043780 - Bump router to k8s.io/api 1.23 2043787 - Bump cluster-dns-operator to k8s.io/api 1.23 2043801 - Bump CoreDNS to k8s.io/api 1.23 2043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown 2043961 - [OVN-K] If pod creation fails, retry doesn't work as expected. 2044201 - Templates golden image parameters names should be supported 2044244 - Builds are failing after upgrading the cluster with builder image [jboss-webserver-5/jws56-openjdk8-openshift-rhel8] 2044248 - [IBMCloud][vpc.block.csi.ibm.io]Cluster common user use the storageclass without parameter “csi.storage.k8s.io/fstype” create pvc,pod successfully but write data to the pod's volume failed of "Permission denied" 2044303 - [ovn][cloud-network-config-controller] cloudprivateipconfigs ips were left after deleting egressip objects 2044347 - Bump to kubernetes 1.23.3 2044481 - collect sharedresource cluster scoped instances with must-gather 2044496 - Unable to create hardware events subscription - failed to add finalizers2044628 - CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources 2044680 - Additional libovsdb performance and resource consumption fixes 2044704 - Observe > Alerting pages should not show runbook links in 4.10 2044717 - [e2e] improve tests for upstream test environment 2044724 - Remove namespace column on VM list page when a project is selected 2044745 - Upgrading cluster from 4.9 to 4.10 on Azure (ARO) causes the cloud-network-config-controller pod to CrashLoopBackOff 2044808 - machine-config-daemon-pull.service: use `cp` instead of `cat` when extracting MCD in OKD 2045024 - CustomNoUpgrade alerts should be ignored 2045112 - vsphere-problem-detector has missing rbac rules for leases 2045199 - SnapShot with Disk Hot-plug hangs 2045561 - Cluster Autoscaler should use the same default Group value as Cluster API 2045591 - Reconciliation of aws pod identity mutating webhook did not happen 2045849 - Add Sprint 212 translations 2045866 - MCO Operator pod spam "Error creating event" warning messages in 4.10 2045878 - Sync upstream 1.16.0 downstream; includes hybrid helm plugin 2045916 - [IBMCloud] Default machine profile in installer is unreliable 2045927 - [FJ OCP4.10 Bug]: Podman failed to pull the IPA image due to the loss of proxy environment 2046025 - [IPI on Alibabacloud] pre-configured alicloud DNS private zone is deleted after destroying cluster, please clarify 2046137 - oc output for unknown commands is not human readable 2046296 - When creating multiple consecutive egressIPs on GCP not all of them get assigned to the instance 2046297 - Bump DB reconnect timeout 2046517 - In Notification drawer, the "Recommendations" header shows when there isn't any recommendations 2046597 - Observe > Targets page may show the wrong service monitor is multiple monitors have the same namespace & label selectors2046626 - Allow setting custom metrics for Ansible-based Operators2046683 - [AliCloud]"--scale-down-utilization-threshold" doesn't work on AliCloud 2047025 - Installation fails because of Alibaba CSI driver operator is degraded 2047190 - Bump Alibaba CSI driver for 4.10 2047238 - When using communities and localpreferences together, only localpreference gets applied 2047255 - alibaba: resourceGroupID not found 2047258 - [aws-usgov] fatal error occurred if AMI is not provided for AWS GovCloud regions 2047317 - Update HELM OWNERS files under Dev Console 2047455 - [IBM Cloud] Update custom image os type 2047496 - Add image digest feature 2047779 - do not degrade cluster if storagepolicy creation fails 2047927 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used 2047929 - use lease for leader election 2047975 - [sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Skipped:Disconnected] [Suite:openshift/conformance/parallel] 2048046 - New route annotation to show another URL or hide topology URL decorator doesn't work for Knative Services 2048048 - Application tab in User Preferences dropdown menus are too wide. 2048050 - Topology list view items are not highlighted on keyboard navigation 2048117 - [IBM]Shouldn't change status.storage.bucket and status.storage.resourceKeyCRN when update sepc.stroage,ibmcos with invalid value 2048413 - Bond CNI: Failed to attach Bond NAD to pod 2048443 - Image registry operator panics when finalizes config deletion 2048478 - [alicloud] CCM deploys alibaba-cloud-controller-manager from quay.io/openshift/origin-* 2048484 - SNO: cluster-policy-controller failed to start due to missing serving-cert/tls.crt 2048598 - Web terminal view is broken 2048836 - ovs-configure mis-detecting the ipv6 status on IPv4 only cluster causing Deployment failure 2048891 - Topology page is crashed 2049003 - 4.10: [IBMCloud] ibm-vpc-block-csi-node does not specify an update strategy, only resource requests, or priority class 2049043 - Cannot create VM from template 2049156 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used 2049886 - Placeholder bug for OCP 4.10.0 metadata release 2049890 - Warning annotation for pods with cpu requests or limits on single-node OpenShift cluster without workload partitioning 2050189 - [aws-efs-csi-driver] Merge upstream changes since v1.3.2 2050190 - [aws-ebs-csi-driver] Merge upstream changes since v1.2.0 2050227 - Installation on PSI fails with: 'openstack platform does not have the required standard-attr-tag network extension' 2050247 - Failing test in periodics: [sig-network] Services should respect internalTrafficPolicy=Local Pod and Node, to Pod (hostNetwork: true) [Feature:ServiceInternalTrafficPolicy] [Skipped:Network/OVNKubernetes] [Suite:openshift/conformance/parallel] [Suite:k8s] 2050250 - Install fails to bootstrap, complaining about DefragControllerDegraded and sad members2050310 - ContainerCreateError when trying to launch large (>500) numbers of pods across nodes 2050370 - alert data for burn budget needs to be updated to prevent regression 2050393 - ZTP missing support for local image registry and custom machine config 2050557 - Can not push images to image-registry when enabling KMS encryption in AlibabaCloud 2050737 - Remove metrics and events for master port offsets 2050801 - Vsphere upi tries to access vsphere during manifests generation phase 2050883 - Logger object in LSO does not log source location accurately 2051692 - co/image-registry is degrade because ImagePrunerDegraded: Job has reached the specified backoff limit 2052062 - Whereabouts should implement client-go 1.22+ 2052125 - [4.10] Crio appears to be coredumping in some scenarios 2052210 - [aws-c2s] kube-apiserver crashloops due to missing cloud config 2052339 - Failing webhooks will block an upgrade to 4.10 mid-way through the upgrade. 2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests 2052598 - kube-scheduler should use configmap lease 2052599 - kube-controller-manger should use configmap lease 2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh 2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid 2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop 2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set. 2052644 - Infinite OAuth redirect loop post-upgrade to 4.10.0-rc.1 2052666 - [4.10.z] change gitmodules to rhcos-4.10 branch 2052756 - [4.10] PVs are not being cleaned up after PVC deletion 2053175 - oc adm catalog mirror throws 'missing signature key' error when using file://local/index 2053218 - ImagePull fails with error "unable to pull manifest from /busy.box:v5 invalid reference format" 2053252 - Sidepanel for Connectors/workloads in topology shows invalid tabs 2053268 - inability to detect static lifecycle failure 2053314 - requestheader IDP test doesn't wait for cleanup, causing high failure rates 2053323 - OpenShift-Ansible BYOH Unit Tests are Broken 2053339 - Remove dev preview badge from IBM FlashSystem deployment windows 2053751 - ztp-site-generate container is missing convenience entrypoint 2053945 - [4.10] Failed to apply sriov policy on intel nics 2054109 - Missing "app" label 2054154 - RoleBinding in project without subject is causing "Project access" page to fail 2054244 - Latest pipeline run should be listed on the top of the pipeline run list 2054288 - console-master-e2e-gcp-console is broken 2054562 - DPU network operator 4.10 branch need to sync with master 2054897 - Unable to deploy hw-event-proxy operator 2055193 - e2e-metal-ipi-serial-ovn-ipv6 is failing frequently 2055358 - Summary Interval Hardcoded in PTP Operator if Set in the Global Body Instead of Command Line 2055371 - Remove Check which enforces summary_interval must match logSyncInterval 2055689 - [ibm]Operator storage PROGRESSING and DEGRADED is true during fresh install for ocp4.11 2055894 - CCO mint mode will not work for Azure after sunsetting of Active Directory Graph API 2056441 - AWS EFS CSI driver should use the trusted CA bundle when cluster proxy is configured 2056479 - ovirt-csi-driver-node pods are crashing intermittently 2056572 - reconcilePrecaching error: cannot list resource "clusterserviceversions" in API group "operators.coreos.com" at the cluster scope" 2056629 - [4.10] EFS CSI driver can't unmount volumes with "wait: no child processes" 2056878 - (dummy bug) ovn-kubernetes ExternalTrafficPolicy still SNATs 2056928 - Ingresscontroller LB scope change behaviour differs for different values of aws-load-balancer-internal annotation 2056948 - post 1.23 rebase: regression in service-load balancer reliability 2057438 - Service Level Agreement (SLA) always show 'Unknown' 2057721 - Fix Proxy support in RHACM 2.4.2 2057724 - Image creation fails when NMstateConfig CR is empty 2058641 - [4.10] Pod density test causing problems when using kube-burner 2059761 - 4.9.23-s390x-machine-os-content manifest invalid when mirroring content for disconnected install 2060610 - Broken access to public images: Unable to connect to the server: no basic auth credentials 2060956 - service domain can't be resolved when networkpolicy is used in OCP 4.10-rc 5. References: https://access.redhat.com/security/cve/CVE-2014-3577 https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2017-14502 https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2018-1000858 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13050 https://access.redhat.com/security/cve/CVE-2019-13627 https://access.redhat.com/security/cve/CVE-2019-14889 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-19906 https://access.redhat.com/security/cve/CVE-2019-20454 https://access.redhat.com/security/cve/CVE-2019-20807 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2020-1730 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9802 https://access.redhat.com/security/cve/CVE-2020-9803 https://access.redhat.com/security/cve/CVE-2020-9805 https://access.redhat.com/security/cve/CVE-2020-9806 https://access.redhat.com/security/cve/CVE-2020-9807 https://access.redhat.com/security/cve/CVE-2020-9843 https://access.redhat.com/security/cve/CVE-2020-9850 https://access.redhat.com/security/cve/CVE-2020-9862 https://access.redhat.com/security/cve/CVE-2020-9893 https://access.redhat.com/security/cve/CVE-2020-9894 https://access.redhat.com/security/cve/CVE-2020-9895 https://access.redhat.com/security/cve/CVE-2020-9915 https://access.redhat.com/security/cve/CVE-2020-9925 https://access.redhat.com/security/cve/CVE-2020-9952 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-14391 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-15503 https://access.redhat.com/security/cve/CVE-2020-25660 https://access.redhat.com/security/cve/CVE-2020-25677 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27781 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-3449 https://access.redhat.com/security/cve/CVE-2021-3450 https://access.redhat.com/security/cve/CVE-2021-3516 https://access.redhat.com/security/cve/CVE-2021-3517 https://access.redhat.com/security/cve/CVE-2021-3518 https://access.redhat.com/security/cve/CVE-2021-3520 https://access.redhat.com/security/cve/CVE-2021-3521 https://access.redhat.com/security/cve/CVE-2021-3537 https://access.redhat.com/security/cve/CVE-2021-3541 https://access.redhat.com/security/cve/CVE-2021-3733 https://access.redhat.com/security/cve/CVE-2021-3749 https://access.redhat.com/security/cve/CVE-2021-20305 https://access.redhat.com/security/cve/CVE-2021-21684 https://access.redhat.com/security/cve/CVE-2021-22946 https://access.redhat.com/security/cve/CVE-2021-22947 https://access.redhat.com/security/cve/CVE-2021-25215 https://access.redhat.com/security/cve/CVE-2021-27218 https://access.redhat.com/security/cve/CVE-2021-30666 https://access.redhat.com/security/cve/CVE-2021-30761 https://access.redhat.com/security/cve/CVE-2021-30762 https://access.redhat.com/security/cve/CVE-2021-33928 https://access.redhat.com/security/cve/CVE-2021-33929 https://access.redhat.com/security/cve/CVE-2021-33930 https://access.redhat.com/security/cve/CVE-2021-33938 https://access.redhat.com/security/cve/CVE-2021-36222 https://access.redhat.com/security/cve/CVE-2021-37750 https://access.redhat.com/security/cve/CVE-2021-39226 https://access.redhat.com/security/cve/CVE-2021-41190 https://access.redhat.com/security/cve/CVE-2021-43813 https://access.redhat.com/security/cve/CVE-2021-44716 https://access.redhat.com/security/cve/CVE-2021-44717 https://access.redhat.com/security/cve/CVE-2022-0532 https://access.redhat.com/security/cve/CVE-2022-21673 https://access.redhat.com/security/cve/CVE-2022-24407 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYipqONzjgjWX9erEAQjQcBAAgWTjA6Q2NgqfVf63ZpJF1jPurZLPqxDL 0in/5+/wqWaiQ6yk7wM3YBZgviyKnAMCVdrLsaR7R77BvfJcTE3W/fzogxpp6Rne eGT1PTgQRecrSIn+WG4gGSteavTULWOIoPvUiNpiy3Y7fFgjFdah+Nyx3Xd+xehM CEswylOd6Hr03KZ1tS3XL3kGL2botha48Yls7FzDFbNcy6TBAuycmQZifKu8mHaF aDAupVJinDnnVgACeS6CnZTAD+Vrx5W7NIisteXv4x5Hy+jBIUHr8Yge3oxYoFnC Y/XmuOw2KilLZuqFe+KHig45qT+FmNU8E1egcGpNWvmS8hGZfiG1jEQAqDPbZHxp sQAQZLQyz3TvXa29vp4QcsUuMxndIOi+QaK75JmqE06MqMIlFDYpr6eQOIgIZvFO RDZU/qvBjh56ypInoqInBf8KOQMy6eO+r6nFbMGcAfucXmz0EVcSP1oFHAoA1nWN rs1Qz/SO4CvdPERxcr1MLuBLggZ6iqGmHKk5IN0SwcndBHaVJ3j/LBv9m7wBYVry bSvojBDYx5ricbTwB5sGzu7oH5yVl813FA9cjkFpEhBiMtTfI+DKC8ssoRYNHd5Z 7gLW6KWPUIDuCIiiioPZAJMyvJ0IMrNDoQ0lhqPeV7PFdlRhT95M/DagUZOpPVuT b5PUYUBIZLc=GUDA -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-0056:01 Moderate: OpenShift Container Platform 4.10.3

Red Hat OpenShift Container Platform release 4.10.3 is now available with updates to packages and images that fix several bugs and add enhancements

Summary

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.3. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2022:0055
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Security Fix(es):
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * grafana: Snapshot authentication bypass (CVE-2021-39226) * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) * grafana: Forward OAuth Identity Token can allow users to access some data sources (CVE-2022-21673) * grafana: directory traversal vulnerability (CVE-2021-43813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-x86_64
The image digest is sha256:7ffe4cd612be27e355a640e5eec5cd8f923c1400d969fd590f806cffdaabcc56
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-s390x
The image digest is sha256:4cf21a9399da1ce8427246f251ae5dedacfc8c746d2345f9cfe039ed9eda3e69
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.10.3-ppc64le
The image digest is sha256:4ee571da1edf59dfee4473aa4604aba63c224bf8e6bcf57d048305babbbde93c
All OpenShift Container Platform 4.10 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

Summary

Solution

For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for moderate instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

References

https://access.redhat.com/security/cve/CVE-2014-3577 https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2017-14502 https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2018-1000858 https://access.redhat.com/security/cve/CVE-2019-8625 https://access.redhat.com/security/cve/CVE-2019-8710 https://access.redhat.com/security/cve/CVE-2019-8720 https://access.redhat.com/security/cve/CVE-2019-8743 https://access.redhat.com/security/cve/CVE-2019-8764 https://access.redhat.com/security/cve/CVE-2019-8766 https://access.redhat.com/security/cve/CVE-2019-8769 https://access.redhat.com/security/cve/CVE-2019-8771 https://access.redhat.com/security/cve/CVE-2019-8782 https://access.redhat.com/security/cve/CVE-2019-8783 https://access.redhat.com/security/cve/CVE-2019-8808 https://access.redhat.com/security/cve/CVE-2019-8811 https://access.redhat.com/security/cve/CVE-2019-8812 https://access.redhat.com/security/cve/CVE-2019-8813 https://access.redhat.com/security/cve/CVE-2019-8814 https://access.redhat.com/security/cve/CVE-2019-8815 https://access.redhat.com/security/cve/CVE-2019-8816 https://access.redhat.com/security/cve/CVE-2019-8819 https://access.redhat.com/security/cve/CVE-2019-8820 https://access.redhat.com/security/cve/CVE-2019-8823 https://access.redhat.com/security/cve/CVE-2019-8835 https://access.redhat.com/security/cve/CVE-2019-8844 https://access.redhat.com/security/cve/CVE-2019-8846 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13050 https://access.redhat.com/security/cve/CVE-2019-13627 https://access.redhat.com/security/cve/CVE-2019-14889 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-19906 https://access.redhat.com/security/cve/CVE-2019-20454 https://access.redhat.com/security/cve/CVE-2019-20807 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2020-1730 https://access.redhat.com/security/cve/CVE-2020-3862 https://access.redhat.com/security/cve/CVE-2020-3864 https://access.redhat.com/security/cve/CVE-2020-3865 https://access.redhat.com/security/cve/CVE-2020-3867 https://access.redhat.com/security/cve/CVE-2020-3868 https://access.redhat.com/security/cve/CVE-2020-3885 https://access.redhat.com/security/cve/CVE-2020-3894 https://access.redhat.com/security/cve/CVE-2020-3895 https://access.redhat.com/security/cve/CVE-2020-3897 https://access.redhat.com/security/cve/CVE-2020-3899 https://access.redhat.com/security/cve/CVE-2020-3900 https://access.redhat.com/security/cve/CVE-2020-3901 https://access.redhat.com/security/cve/CVE-2020-3902 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9802 https://access.redhat.com/security/cve/CVE-2020-9803 https://access.redhat.com/security/cve/CVE-2020-9805 https://access.redhat.com/security/cve/CVE-2020-9806 https://access.redhat.com/security/cve/CVE-2020-9807 https://access.redhat.com/security/cve/CVE-2020-9843 https://access.redhat.com/security/cve/CVE-2020-9850 https://access.redhat.com/security/cve/CVE-2020-9862 https://access.redhat.com/security/cve/CVE-2020-9893 https://access.redhat.com/security/cve/CVE-2020-9894 https://access.redhat.com/security/cve/CVE-2020-9895 https://access.redhat.com/security/cve/CVE-2020-9915 https://access.redhat.com/security/cve/CVE-2020-9925 https://access.redhat.com/security/cve/CVE-2020-9952 https://access.redhat.com/security/cve/CVE-2020-10018 https://access.redhat.com/security/cve/CVE-2020-11793 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-14391 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-15503 https://access.redhat.com/security/cve/CVE-2020-25660 https://access.redhat.com/security/cve/CVE-2020-25677 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27781 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-3449 https://access.redhat.com/security/cve/CVE-2021-3450 https://access.redhat.com/security/cve/CVE-2021-3516 https://access.redhat.com/security/cve/CVE-2021-3517 https://access.redhat.com/security/cve/CVE-2021-3518 https://access.redhat.com/security/cve/CVE-2021-3520 https://access.redhat.com/security/cve/CVE-2021-3521 https://access.redhat.com/security/cve/CVE-2021-3537 https://access.redhat.com/security/cve/CVE-2021-3541 https://access.redhat.com/security/cve/CVE-2021-3733 https://access.redhat.com/security/cve/CVE-2021-3749 https://access.redhat.com/security/cve/CVE-2021-20305 https://access.redhat.com/security/cve/CVE-2021-21684 https://access.redhat.com/security/cve/CVE-2021-22946 https://access.redhat.com/security/cve/CVE-2021-22947 https://access.redhat.com/security/cve/CVE-2021-25215 https://access.redhat.com/security/cve/CVE-2021-27218 https://access.redhat.com/security/cve/CVE-2021-30666 https://access.redhat.com/security/cve/CVE-2021-30761 https://access.redhat.com/security/cve/CVE-2021-30762 https://access.redhat.com/security/cve/CVE-2021-33928 https://access.redhat.com/security/cve/CVE-2021-33929 https://access.redhat.com/security/cve/CVE-2021-33930 https://access.redhat.com/security/cve/CVE-2021-33938 https://access.redhat.com/security/cve/CVE-2021-36222 https://access.redhat.com/security/cve/CVE-2021-37750 https://access.redhat.com/security/cve/CVE-2021-39226 https://access.redhat.com/security/cve/CVE-2021-41190 https://access.redhat.com/security/cve/CVE-2021-43813 https://access.redhat.com/security/cve/CVE-2021-44716 https://access.redhat.com/security/cve/CVE-2021-44717 https://access.redhat.com/security/cve/CVE-2022-0532 https://access.redhat.com/security/cve/CVE-2022-21673 https://access.redhat.com/security/cve/CVE-2022-24407 https://access.redhat.com/security/updates/classification/#moderate

Package List

Severity

Advisory ID: RHSA-2022:0056-01

Product: Red Hat OpenShift Enterprise

Advisory URL: https://access.redhat.com/errata/RHSA-2022:0056

Issued Date: : 2022-03-10

CVE Names: CVE-2014-3577 CVE-2016-10228 CVE-2017-14502 CVE-2018-20843 CVE-2018-1000858 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9169 CVE-2019-13050 CVE-2019-13627 CVE-2019-14889 CVE-2019-15903 CVE-2019-19906 CVE-2019-20454 CVE-2019-20807 CVE-2019-25013 CVE-2020-1730 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 CVE-2020-8927 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2020-9952 CVE-2020-10018 CVE-2020-11793 CVE-2020-13434 CVE-2020-14391 CVE-2020-15358 CVE-2020-15503 CVE-2020-25660 CVE-2020-25677 CVE-2020-27618 CVE-2020-27781 CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 CVE-2021-3121 CVE-2021-3326 CVE-2021-3449 CVE-2021-3450 CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3520 CVE-2021-3521 CVE-2021-3537 CVE-2021-3541 CVE-2021-3733 CVE-2021-3749 CVE-2021-20305 CVE-2021-21684 CVE-2021-22946 CVE-2021-22947 CVE-2021-25215 CVE-2021-27218 CVE-2021-30666 CVE-2021-30761 CVE-2021-30762 CVE-2021-33928 CVE-2021-33929 CVE-2021-33930 CVE-2021-33938 CVE-2021-36222 CVE-2021-37750 CVE-2021-39226 CVE-2021-41190 CVE-2021-43813 CVE-2021-44716 CVE-2021-44717 CVE-2022-0532 CVE-2022-21673 CVE-2022-24407

Topic

Red Hat OpenShift Container Platform release 4.10.3 is now available withupdates to packages and images that fix several bugs and add enhancements.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.2034474 - Template's boot source is "Unknown source" before and after set enableCommonBootImageImport to true2034477 - [OVN] Multiple EgressIP objects configured, EgressIPs weren't working properly2034493 - Change cluster version operator log level2034513 - [OVN] After update one EgressIP in EgressIP object, one internal IP lost from lr-policy-list2034527 - IPI deployment fails 'timeout reached while inspecting the node' when provisioning network ipv62034528 - [IBM VPC] volumeBindingMode should be WaitForFirstConsumer2034534 - Update ose-machine-api-provider-openstack images to be consistent with ART2034537 - Update team2034559 - KubeAPIErrorBudgetBurn firing outside recommended latency thresholds2034563 - [Azure] create machine with wrong ephemeralStorageLocation value success2034577 - Current OVN gateway mode should be reflected on node annotation as well2034621 - context menu not popping up for application group2034622 - Allow volume expansion by default in vsphere CSI storageclass 4.102034624 - Warn about unsupported CSI driver in vsphere operator2034647 - missing volumes list in snapshot modal2034648 - Rebase openshift-controller-manager to 1.232034650 - Rebase openshift/builder to 1.232034705 - vSphere: storage e2e tests logging configuration data2034743 - EgressIP: assigning the same egress IP to a second EgressIP object after a ovnkube-master restart does not fail.2034766 - Special Resource Operator(SRO) - no cert-manager pod created in dual stack environment2034785 - ptpconfig with summary_interval cannot be applied2034823 - RHEL9 should be starred in template list2034838 - An external router can inject routes if no service is added2034839 - Jenkins sync plugin does not synchronize ConfigMap having label role=jenkins-agent2034879 - Lifecycle hook's name and owner shouldn't be allowed to be empty2034881 - Cloud providers components should use K8s 1.23 dependencies2034884 - ART cannot build the image because it tries to download controller-gen2034889 - `oc adm prune deployments` does not work2034898 - Regression in recently added Events feature2034957 - update openshift-apiserver to kube 1.23.12035015 - ClusterLogForwarding CR remains stuck remediating forever2035093 - openshift-cloud-network-config-controller never runs on Hypershift cluster2035141 - [RFE] Show GPU/Host devices in template's details tab2035146 - "kubevirt-plugin~PVC cannot be empty" shows on add-disk modal while adding existing PVC2035167 - [cloud-network-config-controller] unable to deleted cloudprivateipconfig when deleting2035199 - IPv6 support in mtu-migration-dispatcher.yaml2035239 - e2e-metal-ipi-virtualmedia tests are permanently failing2035250 - Peering with ebgp peer over multi-hops doesn't work2035264 - [RFE] Provide a proper message for nonpriv user who not able to add PCI devices2035315 - invalid test cases for AWS passthrough mode2035318 - Upgrade management workflow needs to allow custom upgrade graph path for disconnected env2035321 - Add Sprint 211 translations2035326 - [ExternalCloudProvider] installation with additional network on workers fails2035328 - Ccoctl does not ignore credentials request manifest marked for deletion2035333 - Kuryr orphans ports on 504 errors from Neutron2035348 - Fix two grammar issues in kubevirt-plugin.json strings2035393 - oc set data --dry-run=server makes persistent changes to configmaps and secrets2035409 - OLM E2E test depends on operator package that's no longer published2035439 - SDN Automatic assignment EgressIP on GCP returned node IP adress not egressIP address2035453 - [IPI on Alibabacloud] 2 worker machines stuck in Failed phase due to connection to 'ecs-cn-hangzhou.aliyuncs.com' timeout, although the specified region is 'us-east-1'2035454 - [IPI on Alibabacloud] the OSS bucket created during installation for image registry is not deleted after destroying the cluster2035467 - UI: Queried metrics can't be ordered on Oberve->Metrics page2035494 - [SDN Migration]ovnkube-node pods CrashLoopBackOff after sdn migrated to ovn for RHEL workers2035515 - [IBMCLOUD] allowVolumeExpansion should be true in storage class2035602 - [e2e][automation] add tests for Virtualization Overview page cards2035703 - Roles -> RoleBindings tab doesn't show RoleBindings correctly2035704 - RoleBindings list page filter doesn't apply2035705 - Azure 'Destroy cluster' get stuck when the cluster resource group is already not existing.2035757 - [IPI on Alibabacloud] one master node turned NotReady which leads to installation failed2035772 - AccessMode and VolumeMode is not reserved for customize wizard2035847 - Two dashes in the Cronjob / Job pod name2035859 - the output of opm render doesn't contain olm.constraint which is defined in dependencies.yaml2035882 - [BIOS setting values] Create events for all invalid settings in spec2035903 - One redundant capi-operator credential requests in “oc adm extract --credentials-requests”2035910 - [UI] Manual approval options are missing after ODF 4.10 installation starts when Manual Update approval is chosen2035927 - Cannot enable HighNodeUtilization scheduler profile2035933 - volume mode and access mode are empty in customize wizard review tab2035969 - "ip a " shows "Error: Peer netns reference is invalid" after create test pods2035986 - Some pods under kube-scheduler/kube-controller-manager are using the deprecated annotation2036006 - [BIOS setting values] Attempt to set Integer parameter results in preparation error2036029 - New added cloud-network-config operator doesn’t supported aws sts format credential2036096 - [azure-file-csi-driver] there are no e2e tests for NFS backend2036113 - cluster scaling new nodes ovs-configuration fails on all new nodes2036567 - [csi-driver-nfs] Upstream merge: Bump k8s libraries to 1.232036569 - [cloud-provider-openstack] Upstream merge: Bump k8s libraries to 1.232036577 - OCP 4.10 nightly builds from 4.10.0-0.nightly-s390x-2021-12-18-034912 to 4.10.0-0.nightly-s390x-2022-01-11-233015 fail to upgrade from OCP 4.9.11 and 4.9.12 for network type OVNKubernetes for zVM hypervisor environments2036622 - sdn-controller crashes when restarted while a previous egress IP assignment exists2036717 - Valid AlertmanagerConfig custom resource with valid a mute time interval definition is rejected2036826 - `oc adm prune deployments` can prune the RC/RS2036827 - The ccoctl still accepts CredentialsRequests without ServiceAccounts on GCP platform2036861 - kube-apiserver is degraded while enable multitenant2036937 - Command line tools page shows wrong download ODO link2036940 - oc registry login fails if the file is empty or stdout2036951 - [cluster-csi-snapshot-controller-operator] proxy settings is being injected in container2036989 - Route URL copy to clipboard button wraps to a separate line by itself2036990 - ZTP "DU Done inform policy" never becomes compliant on multi-node clusters2036993 - Machine API components should use Go lang version 1.172037036 - The tuned profile goes into degraded status and ksm.service is displayed in the log.2037061 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cluster-api2037073 - Alertmanager container fails to start because of startup probe never being successful2037075 - Builds do not support CSI volumes2037167 - Some log level in ibm-vpc-block-csi-controller are hard code2037168 - IBM-specific Deployment manifest for package-server-manager should be excluded on non-IBM cluster-profiles2037182 - PingSource badge color is not matched with knativeEventing color2037203 - "Running VMs" card is too small in Virtualization Overview2037209 - [IPI on Alibabacloud] worker nodes are put in the default resource group unexpectedly2037237 - Add "This is a CD-ROM boot source" to customize wizard2037241 - default TTL for noobaa cache buckets should be 02037246 - Cannot customize auto-update boot source2037276 - [IBMCLOUD] vpc-node-label-updater may fail to label nodes appropriately2037288 - Remove stale image reference2037331 - Ensure the ccoctl behaviors are similar between aws and gcp on the existing resources2037483 - Rbacs for Pods within the CBO should be more restrictive2037484 - Bump dependencies to k8s 1.232037554 - Mismatched wave number error message should include the wave numbers that are in conflict2037622 - [4.10-Alibaba CSI driver][Restore size for volumesnapshot/volumesnapshotcontent is showing as 0 in Snapshot feature for Alibaba platform]2037635 - impossible to configure custom certs for default console route in ingress config2037637 - configure custom certificate for default console route doesn't take effect for OCP >= 4.82037638 - Builds do not support CSI volumes as volume sources2037664 - text formatting issue in Installed Operators list table2037680 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :80802037689 - [IPI on Alibabacloud] sometimes operator 'cloud-controller-manager' tells empty VERSION, due to conflicts on listening tcp :80802037801 - Serverless installation is failing on CI jobs for e2e tests2037813 - Metal Day 1 Networking - networkConfig Field Only Accepts String Format2037856 - use lease for leader election2037891 - 403 Forbidden error shows for all the graphs in each grafana dashboard after upgrade from 4.9 to 4.102037903 - Alibaba Cloud: delete-ram-user requires the credentials-requests2037904 - upgrade operator deployment failed due to memory limit too low for manager container2038021 - [4.10-Alibaba CSI driver][Default volumesnapshot class is not added/present after successful cluster installation]2038034 - non-privileged user cannot see auto-update boot source2038053 - Bump dependencies to k8s 1.232038088 - Remove ipa-downloader references2038160 - The `default` project missed the annotation : openshift.io/node-selector: ""2038166 - Starting from Go 1.17 invalid certificates will render a cluster non-functional2038196 - must-gather is missing collecting some metal3 resources2038240 - Error when configuring a file using permissions bigger than decimal 511 (octal 0777)2038253 - Validator Policies are long lived2038272 - Failures to build a PreprovisioningImage are not reported2038384 - Azure Default Instance Types are Incorrect2038389 - Failing test: [sig-arch] events should not repeat pathologically2038412 - Import page calls the git file list unnecessarily twice from GitHub/GitLab/Bitbucket2038465 - Upgrade chromedriver to 90.x to support Mac M1 chips2038481 - kube-controller-manager-guard and openshift-kube-scheduler-guard pods being deleted and restarted on a cordoned node when drained2038596 - Auto egressIP for OVN cluster on GCP: After egressIP object is deleted, egressIP still takes effect2038663 - update kubevirt-plugin OWNERS2038691 - [AUTH-8] Panic on user login when the user belongs to a group in the IdP side and the group already exists via "oc adm groups new"2038705 - Update ptp reviewers2038761 - Open Observe->Targets page, wait for a while, page become blank2038768 - All the filters on the Observe->Targets page can't work2038772 - Some monitors failed to display on Observe->Targets page2038793 - [SDN EgressIP] After reboot egress node, the egressip was lost from egress node2038827 - should add user containers in /etc/subuid and /etc/subgid to support run pods in user namespaces2038832 - New templates for centos stream8 are missing registry suggestions in create vm wizard2038840 - [SDN EgressIP]cloud-network-config-controller pod was CrashLoopBackOff after some operation2038864 - E2E tests fail because multi-hop-net was not created2038879 - All Builds are getting listed in DeploymentConfig under workloads on OpenShift Console2038934 - CSI driver operators should use the trusted CA bundle when cluster proxy is configured2038968 - Move feature gates from a carry patch to openshift/api2039056 - Layout issue with breadcrumbs on API explorer page2039057 - Kind column is not wide enough in API explorer page2039064 - Bulk Import e2e test flaking at a high rate2039065 - Diagnose and fix Bulk Import e2e test that was previously disabled2039085 - Cloud credential operator configuration failing to apply in hypershift/ROKS clusters2039099 - [OVN EgressIP GCP] After reboot egress node, egressip that was previously assigned got lost2039109 - [FJ OCP4.10 Bug]: startironic.sh failed to pull the image of image-customization container when behind a proxy2039119 - CVO hotloops on Service openshift-monitoring/cluster-monitoring-operator2039170 - [upgrade]Error shown on registry operator "missing the cloud-provider-config configmap" after upgrade2039227 - Improve image customization server parameter passing during installation2039241 - Improve image customization server parameter passing during installation2039244 - Helm Release revision history page crashes the UI2039294 - SDN controller metrics cannot be consumed correctly by prometheus2039311 - oc Does Not Describe Build CSI Volumes2039315 - Helm release list page should only fetch secrets for deployed charts2039321 - SDN controller metrics are not being consumed by prometheus2039330 - Create NMState button doesn't work in OperatorHub web console2039339 - cluster-ingress-operator should report Unupgradeable if user has modified the aws resources annotations2039345 - CNO does not verify the minimum MTU value for IPv6/dual-stack clusters.2039359 - `oc adm prune deployments` can't prune the RS where the associated Deployment no longer exists2039382 - gather_metallb_logs does not have execution permission2039406 - logout from rest session after vsphere operator sync is finished2039408 - Add GCP region northamerica-northeast2 to allowed regions2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment2039491 - oc - git:// protocol used in unit tests2039516 - Bump OVN to ovn21.12-21.12.0-252039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled2039541 - Resolv-prepender script duplicating entries2039586 - [e2e] update centos8 to centos stream82039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty2039619 - [AWS] In tree provisioner storageclass aws disk type should contain 'gp3' and csi provisioner storageclass default aws disk type should be 'gp3'2039670 - Create PDBs for control plane components2039678 - Page goes blank when create image pull secret2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported2039743 - React missing key warning when open operator hub detail page (and maybe others as well)2039756 - React missing key warning when open KnativeServing details2039770 - Observe dashboard doesn't react on time-range changes after browser reload when perspective is changed in another tab2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard2039781 - [GSS] OBC is not visible by admin of a Project on Console2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled2039880 - Log level too low for control plane metrics2039919 - Add E2E test for router compression feature2039981 - ZTP for standard clusters installs stalld on master nodes2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24. You can use --secure-port instead2040136 - external-dns-operator pod keeps restarting and reports error: timed out waiting for cache to be synced2040143 - [IPI on Alibabacloud] suggest to remove region "cn-nanjing" or provide better error message2040150 - Update ConfigMap keys for IBM HPCS2040160 - [IPI on Alibabacloud] installation fails when region does not support pay-by-bandwidth2040285 - Bump build-machinery-go for console-operator to pickup change in yaml-patch repository2040357 - bump OVN to ovn-2021-21.12.0-11.el8fdp2040376 - "unknown instance type" error for supported m6i.xlarge instance2040394 - Controller: enqueue the failed configmap till services update2040467 - Cannot build ztp-site-generator container image2040504 - Change AWS EBS GP3 IOPS in MachineSet doesn't take affect in OpenShift 42040521 - RouterCertsDegraded certificate could not validate route hostname v4-0-config-system-custom-router-certs.apps2040535 - Auto-update boot source is not available in customize wizard2040540 - ovs hardware offload: ovsargs format error when adding vf netdev name2040603 - rhel worker scaleup playbook failed because missing some dependency of podman2040616 - rolebindings page doesn't load for normal users2040620 - [MAPO] Error pulling MAPO image on installation2040653 - Topology sidebar warns that another component is updated while rendering2040655 - User settings update fails when selecting application in topology sidebar2040661 - Different react warnings about updating state on unmounted components when leaving topology2040670 - Permafailing CI job: periodic-ci-openshift-release-master-nightly-4.10-e2e-gcp-libvirt-cert-rotation2040671 - [Feature:IPv6DualStack] most tests are failing in dualstack ipi2040694 - Three upstream HTTPClientConfig struct fields missing in the operator2040705 - Du policy for standard cluster runs the PTP daemon on masters and workers2040710 - cluster-baremetal-operator cannot update BMC subscription CR2040741 - Add CI test(s) to ensure that metal3 components are deployed in vSphere, OpenStack and None platforms2040782 - Import YAML page blocks input with more then one generateName attribute2040783 - The Import from YAML summary page doesn't show the resource name if created via generateName attribute2040791 - Default PGT policies must be 'inform' to integrate with the Lifecycle Operator2040793 - Fix snapshot e2e failures2040880 - do not block upgrades if we can't connect to vcenter2041087 - MetalLB: MetalLB CR is not upgraded automatically from 4.9 to 4.102041093 - autounattend.xml missing2041204 - link to templates in virtualization-cluster-overview inventory card is to all templates2041319 - [IPI on Alibabacloud] installation in region "cn-shanghai" failed, due to "Resource alicloud_vswitch CreateVSwitch Failed...InvalidCidrBlock.Overlapped"2041326 - Should bump cluster-kube-descheduler-operator to kubernetes version V1.232041329 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cloud-network-config-controller2041361 - [IPI on Alibabacloud] Disable session persistence and removebBandwidth peak of listener2041441 - Provision volume with size 3000Gi even if sizeRange: '[10-2000]GiB' in storageclass on IBM cloud2041466 - Kubedescheduler version is missing from the operator logs2041475 - React components should have a (mostly) unique name in react dev tools to simplify code analyses2041483 - MetallB: quay.io/openshift/origin-kube-rbac-proxy:4.10 deploy Metallb CR is missing (controller and speaker pods)2041492 - Spacing between resources in inventory card is too small2041509 - GCP Cloud provider components should use K8s 1.23 dependencies2041510 - cluster-baremetal-operator doesn't run baremetal-operator's subscription webhook2041541 - audit: ManagedFields are dropped using API not annotation2041546 - ovnkube: set election timer at RAFT cluster creation time2041554 - use lease for leader election2041581 - KubeDescheduler operator log shows "Use of insecure cipher detected"2041583 - etcd and api server cpu mask interferes with a guaranteed workload2041598 - Including CA bundle in Azure Stack cloud config causes MCO failure2041605 - Dynamic Plugins: discrepancy in proxy alias documentation/implementation2041620 - bundle CSV alm-examples does not parse2041641 - Fix inotify leak and kubelet retaining memory2041671 - Delete templates leads to 404 page2041694 - [IPI on Alibabacloud] installation fails when region does not support the cloud_essd disk category2041734 - ovs hwol: VFs are unbind when switchdev mode is enabled2041750 - [IPI on Alibabacloud] trying "create install-config" with region "cn-wulanchabu (China (Ulanqab))" (or "ap-southeast-6 (Philippines (Manila))", "cn-guangzhou (China (Guangzhou))") failed due to invalid endpoint2041763 - The Observe > Alerting pages no longer have their default sort order applied2041830 - CI: ovn-kubernetes-master-e2e-aws-ovn-windows is broken2041854 - Communities / Local prefs are applied to all the services regardless of the pool, and only one community is applied2041882 - cloud-network-config operator can't work normal on GCP workload identity cluster2041888 - Intermittent incorrect build to run correlation, leading to run status updates applied to wrong build, builds stuck in non-terminal phases2041926 - [IPI on Alibabacloud] Installer ignores public zone when it does not exist2041971 - [vsphere] Reconciliation of mutating webhooks didn't happen2041989 - CredentialsRequest manifests being installed for ibm-cloud-managed profile2041999 - [PROXY] external dns pod cannot recognize custom proxy CA2042001 - unexpectedly found multiple load balancers2042029 - kubedescheduler fails to install completely2042036 - [IBMCLOUD] "openshift-install explain installconfig.platform.ibmcloud" contains not yet supported custom vpc parameters2042049 - Seeing warning related to unrecognized feature gate in kubescheduler & KCM logs2042059 - update discovery burst to reflect lots of CRDs on openshift clusters2042069 - Revert toolbox to rhcos-toolbox2042169 - Can not delete egressnetworkpolicy in Foreground propagation2042181 - MetalLB: User should not be allowed add same bgp advertisement twice in BGP address pool2042265 - [IBM]"--scale-down-utilization-threshold" doesn't work on IBMCloud2042274 - Storage API should be used when creating a PVC2042315 - Baremetal IPI deployment with IPv6 control plane and disabled provisioning network fails as the nodes do not pass introspection2042366 - Lifecycle hooks should be independently managed2042370 - [IPI on Alibabacloud] installer panics when the zone does not have an enhanced NAT gateway2042382 - [e2e][automation] CI takes more then 2 hours to run2042395 - Add prerequisites for active health checks test2042438 - Missing rpms in openstack-installer image2042466 - Selection does not happen when switching from Topology Graph to List View2042493 - No way to verify if IPs with leading zeros are still valid in the apiserver2042567 - insufficient info on CodeReady Containers configuration2042600 - Alone, the io.kubernetes.cri-o.Devices option poses a security risk2042619 - Overview page of the console is broken for hypershift clusters2042655 - [IPI on Alibabacloud] cluster becomes unusable if there is only one kube-apiserver pod running2042711 - [IBMCloud] Machine Deletion Hook cannot work on IBMCloud2042715 - [AliCloud] Machine Deletion Hook cannot work on AliCloud2042770 - [IPI on Alibabacloud] with vpcID & vswitchIDs specified, the installer would still try creating NAT gateway unexpectedly2042829 - Topology performance: HPA was fetched for each Deployment (Pod Ring)2042851 - Create template from SAP HANA template flow - VM is created instead of a new template2042906 - Edit machineset with same machine deletion hook name succeed2042960 - azure-file CI fails with "gid(0) in storageClass and pod fsgroup(1000) are not equal"2043003 - [IPI on Alibabacloud] 'destroy cluster' of a failed installation (bug2041694) stuck after 'stage=Nat gateways'2043042 - [Serial] [sig-auth][Feature:OAuthServer] [RequestHeaders] [IdP] test RequestHeaders IdP [Suite:openshift/conformance/serial]2043043 - Cluster Autoscaler should use K8s 1.23 dependencies2043064 - Topology performance: Unnecessary rerenderings in topology nodes (unchanged mobx props)2043078 - Favorite system projects not visible in the project selector after toggling "Show default projects".2043117 - Recommended operators links are erroneously treated as external2043130 - Update CSI sidecars to the latest release for 4.102043234 - Missing validation when creating several BGPPeers with the same peerAddress2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler2043254 - crio does not bind the security profiles directory2043296 - Ignition fails when reusing existing statically-keyed LUKS volume2043297 - [4.10] Bootimage bump tracker2043316 - RHCOS VM fails to boot on Nutanix AOS2043446 - Rebase aws-efs-utils to the latest upstream version.2043556 - Add proper ci-operator configuration to ironic and ironic-agent images2043577 - DPU network operator2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator2043675 - Too many machines deleted by cluster autoscaler when scaling down2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation2043709 - Logging flags no longer being bound to command line2043721 - Installer bootstrap hosts using outdated kubelet containing bugs2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather2043759 - Bump cluster-ingress-operator to k8s.io/api 1.232043780 - Bump router to k8s.io/api 1.232043787 - Bump cluster-dns-operator to k8s.io/api 1.232043801 - Bump CoreDNS to k8s.io/api 1.232043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown2043961 - [OVN-K] If pod creation fails, retry doesn't work as expected.2044201 - Templates golden image parameters names should be supported2044244 - Builds are failing after upgrading the cluster with builder image [jboss-webserver-5/jws56-openjdk8-openshift-rhel8]2044248 - [IBMCloud][vpc.block.csi.ibm.io]Cluster common user use the storageclass without parameter “csi.storage.k8s.io/fstype” create pvc,pod successfully but write data to the pod's volume failed of "Permission denied"2044303 - [ovn][cloud-network-config-controller] cloudprivateipconfigs ips were left after deleting egressip objects2044347 - Bump to kubernetes 1.23.32044481 - collect sharedresource cluster scoped instances with must-gather2044496 - Unable to create hardware events subscription - failed to add finalizers2044628 - CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources2044680 - Additional libovsdb performance and resource consumption fixes2044704 - Observe > Alerting pages should not show runbook links in 4.102044717 - [e2e] improve tests for upstream test environment2044724 - Remove namespace column on VM list page when a project is selected2044745 - Upgrading cluster from 4.9 to 4.10 on Azure (ARO) causes the cloud-network-config-controller pod to CrashLoopBackOff2044808 - machine-config-daemon-pull.service: use `cp` instead of `cat` when extracting MCD in OKD2045024 - CustomNoUpgrade alerts should be ignored2045112 - vsphere-problem-detector has missing rbac rules for leases2045199 - SnapShot with Disk Hot-plug hangs2045561 - Cluster Autoscaler should use the same default Group value as Cluster API2045591 - Reconciliation of aws pod identity mutating webhook did not happen2045849 - Add Sprint 212 translations2045866 - MCO Operator pod spam "Error creating event" warning messages in 4.102045878 - Sync upstream 1.16.0 downstream; includes hybrid helm plugin2045916 - [IBMCloud] Default machine profile in installer is unreliable2045927 - [FJ OCP4.10 Bug]: Podman failed to pull the IPA image due to the loss of proxy environment2046025 - [IPI on Alibabacloud] pre-configured alicloud DNS private zone is deleted after destroying cluster, please clarify2046137 - oc output for unknown commands is not human readable2046296 - When creating multiple consecutive egressIPs on GCP not all of them get assigned to the instance2046297 - Bump DB reconnect timeout2046517 - In Notification drawer, the "Recommendations" header shows when there isn't any recommendations2046597 - Observe > Targets page may show the wrong service monitor is multiple monitors have the same namespace & label selectors2046626 - Allow setting custom metrics for Ansible-based Operators2046683 - [AliCloud]"--scale-down-utilization-threshold" doesn't work on AliCloud2047025 - Installation fails because of Alibaba CSI driver operator is degraded2047190 - Bump Alibaba CSI driver for 4.102047238 - When using communities and localpreferences together, only localpreference gets applied2047255 - alibaba: resourceGroupID not found2047258 - [aws-usgov] fatal error occurred if AMI is not provided for AWS GovCloud regions2047317 - Update HELM OWNERS files under Dev Console2047455 - [IBM Cloud] Update custom image os type2047496 - Add image digest feature2047779 - do not degrade cluster if storagepolicy creation fails2047927 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used2047929 - use lease for leader election2047975 - [sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Skipped:Disconnected] [Suite:openshift/conformance/parallel]2048046 - New route annotation to show another URL or hide topology URL decorator doesn't work for Knative Services2048048 - Application tab in User Preferences dropdown menus are too wide.2048050 - Topology list view items are not highlighted on keyboard navigation2048117 - [IBM]Shouldn't change status.storage.bucket and status.storage.resourceKeyCRN when update sepc.stroage,ibmcos with invalid value2048413 - Bond CNI: Failed to attach Bond NAD to pod2048443 - Image registry operator panics when finalizes config deletion2048478 - [alicloud] CCM deploys alibaba-cloud-controller-manager from quay.io/openshift/origin-*2048484 - SNO: cluster-policy-controller failed to start due to missing serving-cert/tls.crt2048598 - Web terminal view is broken2048836 - ovs-configure mis-detecting the ipv6 status on IPv4 only cluster causing Deployment failure2048891 - Topology page is crashed2049003 - 4.10: [IBMCloud] ibm-vpc-block-csi-node does not specify an update strategy, only resource requests, or priority class2049043 - Cannot create VM from template2049156 - 'oc get project' caused 'Observed a panic: cannot deep copy core.NamespacePhase' when AllRequestBodies is used2049886 - Placeholder bug for OCP 4.10.0 metadata release2049890 - Warning annotation for pods with cpu requests or limits on single-node OpenShift cluster without workload partitioning2050189 - [aws-efs-csi-driver] Merge upstream changes since v1.3.22050190 - [aws-ebs-csi-driver] Merge upstream changes since v1.2.02050227 - Installation on PSI fails with: 'openstack platform does not have the required standard-attr-tag network extension'2050247 - Failing test in periodics: [sig-network] Services should respect internalTrafficPolicy=Local Pod and Node, to Pod (hostNetwork: true) [Feature:ServiceInternalTrafficPolicy] [Skipped:Network/OVNKubernetes] [Suite:openshift/conformance/parallel] [Suite:k8s]2050250 - Install fails to bootstrap, complaining about DefragControllerDegraded and sad members2050310 - ContainerCreateError when trying to launch large (>500) numbers of pods across nodes2050370 - alert data for burn budget needs to be updated to prevent regression2050393 - ZTP missing support for local image registry and custom machine config2050557 - Can not push images to image-registry when enabling KMS encryption in AlibabaCloud2050737 - Remove metrics and events for master port offsets2050801 - Vsphere upi tries to access vsphere during manifests generation phase2050883 - Logger object in LSO does not log source location accurately2051692 - co/image-registry is degrade because ImagePrunerDegraded: Job has reached the specified backoff limit2052062 - Whereabouts should implement client-go 1.22+2052125 - [4.10] Crio appears to be coredumping in some scenarios2052210 - [aws-c2s] kube-apiserver crashloops due to missing cloud config2052339 - Failing webhooks will block an upgrade to 4.10 mid-way through the upgrade.2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests2052598 - kube-scheduler should use configmap lease2052599 - kube-controller-manger should use configmap lease2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set.2052644 - Infinite OAuth redirect loop post-upgrade to 4.10.0-rc.12052666 - [4.10.z] change gitmodules to rhcos-4.10 branch2052756 - [4.10] PVs are not being cleaned up after PVC deletion2053175 - oc adm catalog mirror throws 'missing signature key' error when using file://local/index2053218 - ImagePull fails with error "unable to pull manifest from /busy.box:v5 invalid reference format"2053252 - Sidepanel for Connectors/workloads in topology shows invalid tabs2053268 - inability to detect static lifecycle failure2053314 - requestheader IDP test doesn't wait for cleanup, causing high failure rates2053323 - OpenShift-Ansible BYOH Unit Tests are Broken2053339 - Remove dev preview badge from IBM FlashSystem deployment windows2053751 - ztp-site-generate container is missing convenience entrypoint2053945 - [4.10] Failed to apply sriov policy on intel nics2054109 - Missing "app" label2054154 - RoleBinding in project without subject is causing "Project access" page to fail2054244 - Latest pipeline run should be listed on the top of the pipeline run list2054288 - console-master-e2e-gcp-console is broken2054562 - DPU network operator 4.10 branch need to sync with master2054897 - Unable to deploy hw-event-proxy operator2055193 - e2e-metal-ipi-serial-ovn-ipv6 is failing frequently2055358 - Summary Interval Hardcoded in PTP Operator if Set in the Global Body Instead of Command Line2055371 - Remove Check which enforces summary_interval must match logSyncInterval2055689 - [ibm]Operator storage PROGRESSING and DEGRADED is true during fresh install for ocp4.112055894 - CCO mint mode will not work for Azure after sunsetting of Active Directory Graph API2056441 - AWS EFS CSI driver should use the trusted CA bundle when cluster proxy is configured2056479 - ovirt-csi-driver-node pods are crashing intermittently2056572 - reconcilePrecaching error: cannot list resource "clusterserviceversions" in API group "operators.coreos.com" at the cluster scope"2056629 - [4.10] EFS CSI driver can't unmount volumes with "wait: no child processes"2056878 - (dummy bug) ovn-kubernetes ExternalTrafficPolicy still SNATs2056928 - Ingresscontroller LB scope change behaviour differs for different values of aws-load-balancer-internal annotation2056948 - post 1.23 rebase: regression in service-load balancer reliability2057438 - Service Level Agreement (SLA) always show 'Unknown'2057721 - Fix Proxy support in RHACM 2.4.22057724 - Image creation fails when NMstateConfig CR is empty2058641 - [4.10] Pod density test causing problems when using kube-burner2059761 - 4.9.23-s390x-machine-os-content manifest invalid when mirroring content for disconnected install2060610 - Broken access to public images: Unable to connect to the server: no basic auth credentials2060956 - service domain can't be resolved when networkpolicy is used in OCP 4.10-rc

Topic

Relevant Releases Architectures

Bugs Fixed

1808240 - Always return metrics value for pods under the user's namespace

1815189 - feature flagged UI does not always become available after operator installation

1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly

1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal

1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered

1878925 - 'oc adm upgrade --to ...' rejects versions which occur only in history, while the cluster-version operator supports history fallback

1880738 - origin e2e test deletes original worker

1882983 - oVirt csi driver should refuse to provision RWX and ROX PV

1886450 - Keepalived router id check not documented for RHV/VMware IPI

1889488 - The metrics endpoint for the Scheduler is not protected by RBAC

1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom

1896474 - Path based routing is broken for some combinations

1897431 - CIDR support for additional network attachment with the bridge CNI plug-in

1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes

1907433 - Excessive logging in image operator

1909906 - The router fails with PANIC error when stats port already in use

1911173 - [MSTR-998] Many charts' legend names show {{}} instead of words

1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting.

1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true)

1917893 - [ovirt] install fails: due to terraform error "Cannot attach Virtual Disk: Disk is locked" on vm resource

1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name

1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation

1926522 - oc adm catalog does not clean temporary files

1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes.

1928141 - kube-storage-version-migrator constantly reporting type "Upgradeable" status Unknown

1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it's storageclass is not yet finished, confusing users1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x

1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade

1937085 - RHV UPI inventory playbook missing guarantee_memory

1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion

1938236 - vsphere-problem-detector does not support overriding log levels via storage CR

1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods

1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer

1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s]

1942913 - ThanosSidecarUnhealthy isn't resilient to WAL replays.

1943363 - [ovn] CNO should gracefully terminate ovn-northd

1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17

1948080 - authentication should not set Available=False APIServices_Error with 503s

1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set

1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0

1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer

1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs

1953264 - "remote error: tls: bad certificate" logs in prometheus-operator container

1955300 - Machine config operator reports unavailable for 23m during upgrade

1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set

1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set

1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters1956496 - Needs SR-IOV Docs Upstream

1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret

1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid

1956964 - upload a boot-source to OpenShift virtualization using the console

1957547 - [RFE]VM name is not auto filled in dev console

1958349 - ovn-controller doesn't release the memory after cluster-density run

1959352 - [scale] failed to get pod annotation: timed out waiting for annotations

1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not

1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial]

1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects

1961391 - String updates

1961509 - DHCP daemon pod should have CPU and memory requests set but not limits

1962066 - Edit machine/machineset specs not working

1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent

1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL

1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: ... must be no more than 63 characters1964327 - Support containers with name:tag@digest

1964789 - Send keys and disconnect does not work for VNC console

1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7

1966445 - Unmasking a service doesn't work if it masked using MCO

1966477 - Use GA version in KAS/OAS/OauthAS to avoid: "audit.k8s.io/v1beta1" is deprecated and will be removed in a future release, use "audit.k8s.io/v1" instead

1966521 - kube-proxy's userspace implementation consumes excessive CPU

1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up

1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount

1970218 - MCO writes incorrect file contents if compression field is specified

1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel]

1970805 - Cannot create build when docker image url contains dir structure

1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io

1972827 - image registry does not remain available during upgrade

1972962 - Should set the minimum value for the `--max-icsp-size` flag of `oc adm catalog mirror`

1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run

1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established

1976301 - [ci] e2e-azure-upi is permafailing

1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change.

1976674 - CCO didn't set Upgradeable to False when cco mode is configured to Manual on azure platform

1976894 - Unidling a StatefulSet does not work as expected

1977319 - [Hive] Remove stale cruft installed by CVO in earlier releases

1977414 - Build Config timed out waiting for condition 400: Bad Request

1977929 - [RFE] Display Network Attachment Definitions from openshift-multus namespace during OCS deployment via UI using Multus

1978528 - systemd-coredump started and failed intermittently for unknown reasons

1978581 - machine-config-operator: remove runlevel from mco namespace

1979562 - Cluster operators: don't show messages when neither progressing, degraded or unavailable

1979962 - AWS SDN Network Stress tests have not passed in 4.9 release-openshift-origin-installer-e2e-aws-sdn-network-stress-4.9

1979966 - OCP builds always fail when run on RHEL7 nodes

1981396 - Deleting pool inside pool page the pool stays in Ready phase in the heading

1981549 - Machine-config daemon does not recover from broken Proxy configuration

1981867 - [sig-cli] oc explain should contain proper fields description for special types [Suite:openshift/conformance/parallel]

1981941 - Terraform upgrade required in openshift-installer to resolve multiple issues

1982063 - 'Control Plane' is not translated in Simplified Chinese language in Home->Overview page

1982498 - Default registry credential path should be adjusted to use containers/auth.json for oc commands

1982662 - Workloads - DaemonSets - Add storage: i18n misses

1982726 - kube-apiserver audit logs show a lot of 404 errors for DELETE "*/secrets/encryption-config" on single node clusters1983758 - upgrades are failing on disruptive tests

1983964 - Need Device plugin configuration for the NIC "needVhostNet" & "isRdma"

1984592 - global pull secret not working in OCP4.7.4+ for additional private registries

1985073 - new-in-4.8 ExtremelyHighIndividualControlPlaneCPU fires on some GCP update jobs

1985486 - Cluster Proxy not used during installation on OSP with Kuryr

1985724 - VM Details Page missing translations

1985838 - [OVN] CNO exportNetworkFlows does not clear collectors when deleted

1985933 - Downstream image registry recommendation

1985965 - oVirt CSI driver does not report volume stats

1986216 - [scale] SNO: Slow Pod recovery due to "timed out waiting for OVS port binding"

1986237 - "MachineNotYetDeleted" in Pending state , alert not fired

1986239 - crictl create fails with "PID namespace requested, but sandbox infra container invalid"

1986302 - console continues to fetch prometheus alert and silences for normal user

1986314 - Current MTV installation for KubeVirt import flow creates unusable Forklift UI

1986338 - error creating list of resources in Import YAML

1986502 - yaml multi file dnd duplicates previous dragged files

1986819 - fix string typos for hot-plug disks

1987044 - [OCPV48] Shutoff VM is being shown as "Starting" in WebUI when using spec.runStrategy Manual/RerunOnFailure

1987136 - Declare operatorframework.io/arch.* labels for all operators1987257 - Go-http-client user-agent being used for oc adm mirror requests

1987263 - fsSpaceFillingUpWarningThreshold not aligned to Kubernetes Garbage Collection Threshold

1987445 - MetalLB integration: All gateway routers in the cluster answer ARP requests for LoadBalancer services IP

1988406 - SSH key dropped when selecting "Customize virtual machine" in UI

1988440 - Network operator changes ovnkube-config too early causing ovnkube-master pods to crashloop during cluster upgrade

1988483 - Azure drop ICMP need to frag FRAG when using OVN: openshift-apiserver becomes False after env runs some time due to communication between one master to pods on another master fails with "Unable to connect to the server"

1988879 - Virtual media based deployment fails on Dell servers due to pending Lifecycle Controller jobs

1989438 - expected replicas is wrong

1989502 - Developer Catalog is disappearing after short time

1989843 - 'More' and 'Show Less' functions are not translated on several page

1990014 - oc debug does not work for Windows pods

1990190 - e2e testing failed with basic manifest: reason/ExternalProvisioning waiting for a volume to be created

1990193 - 'more' and 'Show Less' is not being translated on Home -> Search page

1990255 - Partial or all of the Nodes/StorageClasses don't appear back on UI after text is removed from search bar

1990489 - etcdHighNumberOfFailedGRPCRequests fires only on metal env in CI

1990506 - Missing udev rules in initramfs for /dev/disk/by-id/scsi-* symlinks

1990556 - get-resources.sh doesn't honor the no_proxy settings even with no_proxy var

1990625 - Ironic agent registers with SLAAC address with privacy-stable

1990635 - CVO does not recognize the channel change if desired version and channel changed at the same time

1991067 - github.com can not be resolved inside pods where cluster is running on openstack.

1991573 - Enable typescript strictNullCheck on network-policies files

1991641 - Baremetal Cluster Operator still Available After Delete Provisioning

1991770 - The logLevel and operatorLogLevel values do not work with Cloud Credential Operator

1991819 - Misspelled word "ocurred" in oc inspect cmd

1991942 - Alignment and spacing fixes

1992414 - Two rootdisks show on storage step if 'This is a CD-ROM boot source' is checked

1992453 - The configMap failed to save on VM environment tab

1992466 - The button 'Save' and 'Reload' are not translated on vm environment tab

1992475 - The button 'Open console in New Window' and 'Disconnect' are not translated on vm console tab

1992509 - Could not customize boot source due to source PVC not found

1992541 - all the alert rules' annotations "summary" and "description" should comply with the OpenShift alerting guidelines

1992580 - storageProfile should stay with the same value by check/uncheck the apply button

1992592 - list-type missing in oauth.config.openshift.io for identityProviders breaking Server Side Apply

1992777 - [IBMCLOUD] Default "ibm_iam_authorization_policy" is not working as expected in all scenarios

1993364 - cluster destruction fails to remove router in BYON with Kuryr as primary network (even after BZ 1940159 got fixed)

1993376 - periodic-ci-openshift-release-master-ci-4.6-upgrade-from-stable-4.5-e2e-azure-upgrade is permfailing

1994094 - Some hardcodes are detected at the code level in OpenShift console components

1994142 - Missing required cloud config fields for IBM Cloud

1994733 - MetalLB: IP address is not assigned to service if there is duplicate IP address in two address pools

1995021 - resolv.conf and corefile sync slows down/stops after keepalived container restart

1995335 - [SCALE] ovnkube CNI: remove ovs flows check

1995493 - Add Secret to workload button and Actions button are not aligned on secret details page

1995531 - Create RDO-based Ironic image to be promoted to OKD

1995545 - Project drop-down amalgamates inside main screen while creating storage system for odf-operator

1995887 - [OVN]After reboot egress node, lr-policy-list was not correct, some duplicate records or missed internal IPs

1995924 - CMO should report `Upgradeable: false` when HA workload is incorrectly spread

1996023 - kubernetes.io/hostname values are larger than filter when create localvolumeset from webconsole

1996108 - Allow backwards compatibility of shared gateway mode to inject host-based routes into OVN

1996624 - 100% of the cco-metrics/cco-metrics targets in openshift-cloud-credential-operator namespace are down

1996630 - Fail to delete the first Authorized SSH Key input box on Advanced page

1996647 - Provide more useful degraded message in auth operator on DNS errors1996736 - Large number of 501 lr-policies in INCI2 env

1996886 - timedout waiting for flows during pod creation and ovn-controller pegged on worker nodes

1996916 - Special Resource Operator(SRO) - Fail to deploy simple-kmod on GCP

1996928 - Enable default operator indexes on ARM

1997028 - prometheus-operator update removes env var support for thanos-sidecar

1997059 - Failed to create cluster in AWS us-east-1 region due to a local zone is used

1997226 - Ingresscontroller reconcilations failing but not shown in operator logs or status of ingresscontroller.

1997245 - "Subscription already exists in openshift-storage namespace" error message is seen while installing odf-operator via UI

1997269 - Have to refresh console to install kube-descheduler

1997478 - Storage operator is not available after reboot cluster instances

1997509 - flake: [sig-cli] oc builds new-build [Skipped:Disconnected] [Suite:openshift/conformance/parallel]

1997967 - storageClass is not reserved from default wizard to customize wizard

1998035 - openstack IPI CI: custom var-lib-etcd.mount (ramdisk) unit is racing due to incomplete After/Before order

1998038 - [e2e][automation] add tests for UI for VM disk hot-plug

1998087 - Fix CephHealthCheck wrapping contents and add data-tests for HealthItem and SecondaryStatus

1998174 - Create storageclass gp3-csi after install ocp cluster on aws

1998183 - "r: Bad Gateway" info is improper

1998235 - Firefox warning: Cookie “csrf-token” will be soon rejected

1998377 - Filesystem table head is not full displayed in disk tab

1998378 - Virtual Machine is 'Not available' in Home -> Overview -> Cluster inventory

1998519 - Add fstype when create localvolumeset instance on web console

1998951 - Keepalived conf ingress peer on in Dual stack cluster contains both IPv6 and IPv4 addresses

1999076 - [UI] Page Not Found error when clicking on Storage link provided in Overview page

1999079 - creating pods before sriovnetworknodepolicy sync up succeed will cause node unschedulable

1999091 - Console update toast notification can appear multiple times

1999133 - removing and recreating static pod manifest leaves pod in error state

1999246 - .indexignore is not ingore when oc command load dc configuration

1999250 - ArgoCD in GitOps operator can't manage namespaces

1999255 - ovnkube-node always crashes out the first time it starts

1999261 - ovnkube-node log spam (and security token leak?)

1999309 - While installing odf-operator via UI, web console update pop-up navigates to OperatorHub -> Operator Installation page

1999314 - console-operator is slow to mark Degraded as False once console starts working

1999425 - kube-apiserver with "[SHOULD NOT HAPPEN] failed to update managedFields" err="failed to convert new object (machine.openshift.io/v1beta1, Kind=MachineHealthCheck)

1999556 - "master" pool should be updated before the CVO reports available at the new version occurred

1999578 - AWS EFS CSI tests are constantly failing

1999603 - Memory Manager allows Guaranteed QoS Pod with hugepages requested is exactly equal to the left over Hugepages

1999619 - cloudinit is malformatted if a user sets a password during VM creation flow

1999621 - Empty ssh_authorized_keys entry is added to VM's cloudinit if created from a customize flow

1999649 - MetalLB: Only one type of IP address can be assigned to service on dual stack cluster from a address pool that have both IPv4 and IPv6 addresses defined

1999668 - openshift-install destroy cluster panic's when given invalid credentials to cloud provider (Azure Stack Hub)

1999734 - IBM Cloud CIS Instance CRN missing in infrastructure manifest/resource

1999771 - revert "force cert rotation every couple days for development" in 4.10

1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function

1999796 - Openshift Console `Helm` tab is not showing helm releases in a namespace when there is high number of deployments in the same namespace.

1999836 - Admin web-console inconsistent status summary of sparse ClusterOperator conditions

1999903 - Click "This is a CD-ROM boot source" ticking "Use template size PVC" on pvc upload form

1999983 - No way to clear upload error from template boot source

2000081 - [IPI baremetal] The metal3 pod failed to restart when switching from Disabled to Managed provisioning without specifying provisioningInterface parameter

2000096 - Git URL is not re-validated on edit build-config form reload

2000216 - Successfully imported ImageStreams are not resolved in DeploymentConfig

2000236 - Confusing usage message from dynkeepalived CLI

2000268 - Mark cluster unupgradable if vcenter, esxi versions or HW versions are unsupported

2000430 - bump cluster-api-provider-ovirt version in installer

2000450 - 4.10: Enable static PV multi-az test

2000490 - All critical alerts shipped by CMO should have links to a runbook

2000521 - Kube-apiserver CO degraded due to failed conditional check (ConfigObservationDegraded)

2000573 - Incorrect StorageCluster CR created and ODF cluster getting installed with 2 Zone OCP cluster

2000628 - ibm-flashsystem-storage-storagesystem got created without any warning even when the attempt was cancelled

2000651 - ImageStreamTag alias results in wrong tag and invalid link in Web Console

2000754 - IPerf2 tests should be lower

2000846 - Structure logs in the entire codebase of Local Storage Operator

2000872 - [tracker] container is not able to list on some directories within the nfs after upgrade to 4.7.24

2000877 - OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM

2000938 - CVO does not respect changes to a Deployment strategy

2000963 - 'Inline-volume (default fs)] volumes should store data' tests are failing on OKD with updated selinux-policy

2001008 - [MachineSets] CloneMode defaults to linkedClone, but I don't have snapshot and should be fullClone

2001240 - Remove response headers for downloads of binaries from OpenShift WebConsole

2001295 - Remove openshift:kubevirt-machine-controllers decleration from machine-api

2001317 - OCP Platform Quota Check - Inaccurate MissingQuota error

2001337 - Details Card in ODF Dashboard mentions OCS

2001339 - fix text content hotplug

2001413 - [e2e][automation] add/delete nic and disk to template

2001441 - Test: oc adm must-gather runs successfully for audit logs - fail due to startup log

2001442 - Empty termination.log file for the kube-apiserver has too permissive mode

2001479 - IBM Cloud DNS unable to create/update records

2001566 - Enable alerts for prometheus operator in UWM

2001575 - Clicking on the perspective switcher shows a white page with loader

2001577 - Quick search placeholder is not displayed properly when the search string is removed

2001578 - [e2e][automation] add tests for vm dashboard tab

2001605 - PVs remain in Released state for a long time after the claim is deleted

2001617 - BucketClass Creation is restricted on 1st page but enabled using side navigation options

2001620 - Cluster becomes degraded if it can't talk to Manila

2001760 - While creating 'Backing Store', 'Bucket Class', 'Namespace Store' user is navigated to 'Installed Operators' page after clicking on ODF

2001761 - Unable to apply cluster operator storage for SNO on GCP platform.

2001765 - Some error message in the log of diskmaker-manager caused confusion

2001784 - show loading page before final results instead of showing a transient message No log files exist

2001804 - Reload feature on Environment section in Build Config form does not work properly

2001810 - cluster admin unable to view BuildConfigs in all namespaces

2001817 - Failed to load RoleBindings list that will lead to ‘Role name’ is not able to be selected on Create RoleBinding page as well

2001823 - OCM controller must update operator status

2001825 - [SNO]ingress/authentication clusteroperator degraded when enable ccm from start

2001835 - Could not select image tag version when create app from dev console

2001855 - Add capacity is disabled for ocs-storagecluster

2001856 - Repeating event: MissingVersion no image found for operand pod

2001959 - Side nav list borders don't extend to edges of container

2002007 - Layout issue on "Something went wrong" page

2002010 - ovn-kube may never attempt to retry a pod creation

2002012 - Cannot change volume mode when cloning a VM from a template

2002027 - Two instances of Dotnet helm chart show as one in topology

2002075 - opm render does not automatically pulling in the image(s) used in the deployments

2002121 - [OVN] upgrades failed for IPI OSP16 OVN IPSec cluster

2002125 - Network policy details page heading should be updated to Network Policy details

2002133 - [e2e][automation] add support/virtualization and improve deleteResource

2002134 - [e2e][automation] add test to verify vm details tab

2002215 - Multipath day1 not working on s390x

2002238 - Image stream tag is not persisted when switching from yaml to form editor

2002262 - [vSphere] Incorrect user agent in vCenter sessions list

2002266 - SinkBinding create form doesn't allow to use subject name, instead of label selector

2002276 - OLM fails to upgrade operators immediately

2002300 - Altering the Schedule Profile configurations doesn't affect the placement of the pods

2002354 - Missing DU configuration "Done" status reporting during ZTP flow

2002362 - Dynamic Plugin - ConsoleRemotePlugin for webpack doesn't use commonjs

2002368 - samples should not go degraded when image allowedRegistries blocks imagestream creation

2002372 - Pod creation failed due to mismatched pod IP address in CNI and OVN

2002397 - Resources search is inconsistent

2002434 - CRI-O leaks some children PIDs

2002443 - Getting undefined error on create local volume set page

2002461 - DNS operator performs spurious updates in response to API's defaulting of service's internalTrafficPolicy

2002504 - When the openshift-cluster-storage-operator is degraded because of "VSphereProblemDetectorController_SyncError", the insights operator is not sending the logs from all pods.

2002559 - User preference for topology list view does not follow when a new namespace is created

2002567 - Upstream SR-IOV worker doc has broken links

2002588 - Change text to be sentence case to align with PF

2002657 - ovn-kube egress IP monitoring is using a random port over the node network

2002713 - CNO: OVN logs should have millisecond resolution

2002748 - [ICNI2] 'ErrorAddingLogicalPort' failed to handle external GW check: timeout waiting for namespace event

2002759 - Custom profile should not allow not including at least one required HTTP2 ciphersuite

2002763 - Two storage systems getting created with external mode RHCS

2002808 - KCM does not use web identity credentials

2002834 - Cluster-version operator does not remove unrecognized volume mounts

2002896 - Incorrect result return when user filter data by name on search page

2002950 - Why spec.containers.command is not created with "oc create deploymentconfig --image= -- "

2003096 - [e2e][automation] check bootsource URL is displaying on review step

2003113 - OpenShift Baremetal IPI installer uses first three defined nodes under hosts in install-config for master nodes instead of filtering the hosts with the master role

2003120 - CI: Uncaught error with ResizeObserver on operand details page

2003145 - Duplicate operand tab titles causes "two children with the same key" warning

2003164 - OLM, fatal error: concurrent map writes

2003178 - [FLAKE][knative] The UI doesn't show updated traffic distribution after accepting the form

2003193 - Kubelet/crio leaks netns and veth ports in the host

2003195 - OVN CNI should ensure host veths are removed

2003204 - Jenkins all new container images (openshift4/ose-jenkins) not supporting '-e JENKINS_PASSWORD=password' ENV which was working for old container images

2003206 - Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace

2003239 - "[sig-builds][Feature:Builds][Slow] can use private repositories as build input" tests fail outside of CI

2003244 - Revert libovsdb client code

2003251 - Patternfly components with list element has list item bullet when they should not.

2003252 - "[sig-builds][Feature:Builds][Slow] starting a build using CLI start-build test context override environment BUILD_LOGLEVEL in buildconfig" tests do not work as expected outside of CI

2003269 - Rejected pods should be filtered from admission regression

2003357 - QE- Removing the epic tags for gherkin tags related to 4.9 Release

2003426 - [e2e][automation] add test for vm details bootorder

2003496 - [e2e][automation] add test for vm resources requirment settings

2003641 - All metal ipi jobs are failing in 4.10

2003651 - ODF4.9+LSO4.8 installation via UI, StorageCluster move to error state

2003655 - [IPI ON-PREM] Keepalived chk_default_ingress track script failed even though default router pod runs on node

2003683 - Samples operator is panicking in CI

2003711 - [UI] Empty file ceph-external-cluster-details-exporter.py downloaded from external cluster "Connection Details" page

2003715 - Error on creating local volume set after selection of the volume mode

2003743 - Remove workaround keeping /boot RW for kdump support

2003775 - etcd pod on CrashLoopBackOff after master replacement procedure

2003788 - CSR reconciler report error constantly when BYOH CSR approved by other Approver

2003792 - Monitoring metrics query graph flyover panel is useless

2003808 - Add Sprint 207 translations

2003845 - Project admin cannot access image vulnerabilities view

2003859 - sdn emits events with garbage messages

2003896 - (release-4.10) ApiRequestCounts conditional gatherer

2004009 - 4.10: Fix multi-az zone scheduling e2e for 5 control plane replicas

2004051 - CMO can report as being Degraded while node-exporter is deployed on all nodes

2004059 - [e2e][automation] fix current tests for downstream

2004060 - Trying to use basic spring boot sample causes crash on Firefox

2004101 - [UI] When creating storageSystem deployment type dropdown under advanced setting doesn't close after selection

2004127 - [flake] openshift-controller-manager event reason/SuccessfulDelete occurs too frequently

2004203 - build config's created prior to 4.8 with image change triggers can result in trigger storm in OCM/openshift-apiserver

2004313 - [RHOCP 4.9.0-rc.0] Failing to deploy Azure cluster from the macOS installer - ignition_bootstrap.ign: no such file or directory

2004449 - Boot option recovery menu prevents image boot

2004451 - The backup filename displayed in the RecentBackup message is incorrect

2004459 - QE - Modified the AddFlow gherkin scripts and automation scripts

2004508 - TuneD issues with the recent ConfigParser changes.

2004510 - openshift-gitops operator hooks gets unauthorized (401) errors during jobs executions

2004542 - [osp][octavia lb] cannot create LoadBalancer type svcs

2004578 - Monitoring and node labels missing for an external storage platform

2004585 - prometheus-k8s-0 cpu usage keeps increasing for the first 3 days

2004596 - [4.10] Bootimage bump tracker

2004597 - Duplicate ramdisk log containers running

2004600 - Duplicate ramdisk log containers running

2004609 - output of "crictl inspectp" is not complete

2004625 - BMC credentials could be logged if they change

2004632 - When LE takes a large amount of time, multiple whereabouts are seen

2004721 - ptp/worker custom threshold doesn't change ptp events threshold

2004736 - [knative] Create button on new Broker form is inactive despite form being filled

2004796 - [e2e][automation] add test for vm scheduling policy

2004814 - (release-4.10) OCM controller - change type of the etc-pki-entitlement secret to opaque

2004870 - [External Mode] Insufficient spacing along y-axis in RGW Latency Performance Card

2004901 - [e2e][automation] improve kubevirt devconsole tests

2004962 - Console frontend job consuming too much CPU in CI

2005014 - state of ODF StorageSystem is misreported during installation or uninstallation

2005052 - Adding a MachineSet selector matchLabel causes orphaned Machines

2005179 - pods status filter is not taking effect

2005182 - sync list of deprecated apis about to be removed

2005282 - Storage cluster name is given as title in StorageSystem details page

2005355 - setuptools 58 makes Kuryr CI fail

2005407 - ClusterNotUpgradeable Alert should be set to Severity Info

2005415 - PTP operator with sidecar api configured throws bind: address already in use

2005507 - SNO spoke cluster failing to reach coreos.live.rootfs_url is missing url in console

2005554 - The switch status of the button "Show default project" is not revealed correctly in code

2005581 - 4.8.12 to 4.9 upgrade hung due to cluster-version-operator pod CrashLoopBackOff: error creating clients: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable

2005761 - QE - Implementing crw-basic feature file

2005783 - Fix accessibility issues in the "Internal" and "Internal - Attached Mode" Installation Flow

2005811 - vSphere Problem Detector operator - ServerFaultCode: InvalidProperty

2005854 - SSH NodePort service is created for each VM

2005901 - KS, KCM and KA going Degraded during master nodes upgrade

2005902 - Current UI flow for MCG only deployment is confusing and doesn't reciprocate any message to the end-user

2005926 - PTP operator NodeOutOfPTPSync rule is using max offset from the master instead of openshift_ptp_clock_state metrics

2005971 - Change telemeter to report the Application Services product usage metrics

2005997 - SELinux domain container_logreader_t does not have a policy to follow sym links for log files

2006025 - Description to use an existing StorageClass while creating StorageSystem needs to be re-phrased

2006060 - ocs-storagecluster-storagesystem details are missing on UI for MCG Only and MCG only in LSO mode deployment types

2006101 - Power off fails for drivers that don't support Soft power off

2006243 - Metal IPI upgrade jobs are running out of disk space

2006291 - bootstrapProvisioningIP set incorrectly when provisioningNetworkCIDR doesn't use the 0th address

2006308 - Backing Store YAML tab on click displays a blank screen on UI

2006325 - Multicast is broken across nodes

2006329 - Console only allows Web Terminal Operator to be installed in OpenShift Operators2006364 - IBM Cloud: Set resourceGroupId for resourceGroups, not simply resource

2006561 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't have failing rules evaluation [Skipped:Disconnected] [Suite:openshift/conformance/parallel]

2006690 - OS boot failure "x64 Exception Type 06 - Invalid Opcode Exception"

2006714 - add retry for etcd errors in kube-apiserver

2006767 - KubePodCrashLooping may not fire

2006803 - Set CoreDNS cache entries for forwarded zones

2006861 - Add Sprint 207 part 2 translations

2006945 - race condition can cause crashlooping bootstrap kube-apiserver in cluster-bootstrap

2006947 - e2e-aws-proxy for 4.10 is permafailing with samples operator errors2006975 - clusteroperator/etcd status condition should not change reasons frequently due to EtcdEndpointsDegraded

2007085 - Intermittent failure mounting /run/media/iso when booting live ISO from USB stick

2007136 - Creation of BackingStore, BucketClass, NamespaceStore fails

2007271 - CI Integration for Knative test cases

2007289 - kubevirt tests are failing in CI

2007322 - Devfile/Dockerfile import does not work for unsupported git host

2007328 - Updated patternfly to v4.125.3 and pf.quickstarts to v1.2.3.

2007379 - Events are not generated for master offset for ordinary clock

2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace

2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address

2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error

2007522 - No new local-storage-operator-metadata-container is build for 4.10

2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10

2007580 - Azure cilium installs are failing e2e tests

2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10

2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes

2007692 - 4.9 "old-rhcos" jobs are permafailing with storage test failures

2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow

2007757 - must-gather extracts imagestreams in the "openshift" namespace, but not Templates

2007802 - AWS machine actuator get stuck if machine is completely missing

2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator

2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process

2008151 - Topology breaks on clicking in empty state

2008185 - Console operator go.mod should use go 1.16.version

2008201 - openstack-az job is failing on haproxy idle test

2008207 - vsphere CSI driver doesn't set resource limits

2008223 - gather_audit_logs: fix oc command line to get the current audit profile

2008235 - The Save button in the Edit DC form remains disabled

2008256 - Update Internationalization README with scope info

2008321 - Add correct documentation link for MON_DISK_LOW

2008462 - Disable PodSecurity feature gate for 4.10

2008490 - Backing store details page does not contain all the kebab actions.

2008521 - gcp-hostname service should correct invalid search entries in resolv.conf

2008532 - CreateContainerConfigError:: failed to prepare subPath for volumeMount

2008539 - Registry doesn't fall back to secondary ImageContentSourcePolicy Mirror

2008540 - HighlyAvailableWorkloadIncorrectlySpread always fires on upgrade on cluster with two workers2008599 - Azure Stack UPI does not have Internal Load Balancer

2008612 - Plugin asset proxy does not pass through browser cache headers2008712 - VPA webhook timeout prevents all pods from starting

2008733 - kube-scheduler: exposed /debug/pprof port

2008911 - Prometheus repeatedly scaling prometheus-operator replica set

2008926 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial]

2008987 - OpenShift SDN Hosted Egress IP's are not being scheduled to nodes after upgrade to 4.8.12

2009055 - Instances of OCS to be replaced with ODF on UI

2009078 - NetworkPodsCrashLooping alerts in upgrade CI jobs

2009083 - opm blocks pruning of existing bundles during add

2009111 - [IPI-on-GCP] 'Install a cluster with nested virtualization enabled' failed due to unable to launch compute instances

2009131 - [e2e][automation] add more test about vmi

2009148 - [e2e][automation] test vm nic presets and options

2009233 - ACM policy object generated by PolicyGen conflicting with OLM Operator

2009253 - [BM] [IPI] [DualStack] apiVIP and ingressVIP should be of the same primary IP family

2009298 - Service created for VM SSH access is not owned by the VM and thus is not deleted if the VM is deleted

2009384 - UI changes to support BindableKinds CRD changes

2009404 - ovnkube-node pod enters CrashLoopBackOff after OVN_IMAGE is swapped

2009424 - Deployment upgrade is failing availability check

2009454 - Change web terminal subscription permissions from get to list

2009465 - container-selinux should come from rhel8-appstream

2009514 - Bump OVS to 2.16-15

2009555 - Supermicro X11 system not booting from vMedia with AI

2009623 - Console: Observe > Metrics page: Table pagination menu shows bullet points

2009664 - Git Import: Edit of knative service doesn't work as expected for git import flow

2009699 - Failure to validate flavor RAM

2009754 - Footer is not sticky anymore in import forms

2009785 - CRI-O's version file should be pinned by MCO

2009791 - Installer: ibmcloud ignores install-config values

2009823 - [sig-arch] events should not repeat pathologically - reason/VSphereOlderVersionDetected Marking cluster un-upgradeable because one or more VMs are on hardware version vmx-13

2009840 - cannot build extensions on aarch64 because of unavailability of rhel-8-advanced-virt repo

2009859 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests

2009873 - Stale Logical Router Policies and Annotations for a given node

2009879 - There should be test-suite coverage to ensure admin-acks work as expected

2009888 - SRO package name collision between official and community version

2010073 - uninstalling and then reinstalling sriov-network-operator is not working

2010174 - 2 PVs get created unexpectedly with different paths that actually refer to the same device on the node.

2010181 - Environment variables not getting reset on reload on deployment edit form

2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel]

2010341 - OpenShift Alerting Rules Style-Guide Compliance

2010342 - Local console builds can have out of memory errors2010345 - OpenShift Alerting Rules Style-Guide Compliance

2010348 - Reverts PIE build mode for K8S components

2010352 - OpenShift Alerting Rules Style-Guide Compliance

2010354 - OpenShift Alerting Rules Style-Guide Compliance

2010359 - OpenShift Alerting Rules Style-Guide Compliance

2010368 - OpenShift Alerting Rules Style-Guide Compliance

2010376 - OpenShift Alerting Rules Style-Guide Compliance

2010662 - Cluster is unhealthy after image-registry-operator tests

2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent)

2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API

2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address

2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing

2010864 - Failure building EFS operator

2010910 - ptp worker events unable to identify interface for multiple interfaces

2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24

2010921 - Azure Stack Hub does not handle additionalTrustBundle

2010931 - SRO CSV uses non default category "Drivers and plugins"

2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well.

2011038 - optional operator conditions are confusing

2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass

2011171 - diskmaker-manager constantly redeployed by LSO when creating LV's

2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image

2011368 - Tooltip in pipeline visualization shows misleading data

2011386 - [sig-arch] Check if alerts are firing during or after upgrade success --- alert KubePodNotReady fired for 60 seconds with labels

2011411 - Managed Service's Cluster overview page contains link to missing Storage dashboards

2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster

2011513 - Kubelet rejects pods that use resources that should be freed by completed pods

2011668 - Machine stuck in deleting phase in VMware "reconciler failed to Delete machine"

2011693 - (release-4.10) "insightsclient_request_recvreport_total" metric is always incremented

2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore

2011733 - Repository README points to broken documentarion link

2011753 - Ironic resumes clean before raid configuration job is actually completed

2011809 - The nodes page in the openshift console doesn't work. You just get a blank page

2011822 - Obfuscation doesn't work at clusters with OVN

2011882 - SRO helm charts not synced with templates

2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot

2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages

2011903 - vsphere-problem-detector: session leak

2011927 - OLM should allow users to specify a proxy for GRPC connections

2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods

2011960 - [tracker] Storage operator is not available after reboot cluster instances

2011971 - ICNI2 pods are stuck in ContainerCreating state

2011972 - Ingress operator not creating wildcard route for hypershift clusters2011977 - SRO bundle references non-existent image

2012069 - Refactoring Status controller

2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI

2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group

2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)"

2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig

2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off

2012407 - [e2e][automation] improve vm tab console tests

2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don't have namespace label

2012562 - migration condition is not detected in list view

2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written

2012780 - The port 50936 used by haproxy is occupied by kube-apiserver

2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working

2012902 - Neutron Ports assigned to Completed Pods are not reused Edit

2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack

2012971 - Disable operands deletes

2013034 - Cannot install to openshift-nmstate namespace

2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine)

2013199 - post reboot of node SRIOV policy taking huge time

2013203 - UI breaks when trying to create block pool before storage cluster/system creation

2013222 - Full breakage for nightly payload promotion

2013273 - Nil pointer exception when phc2sys options are missing

2013321 - TuneD: high CPU utilization of the TuneD daemon.

2013416 - Multiple assets emit different content to the same filename

2013431 - Application selector dropdown has incorrect font-size and positioning

2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8

2013545 - Service binding created outside topology is not visible

2013599 - Scorecard support storage is not included in ocp4.9

2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide)

2013646 - fsync controller will show false positive if gaps in metrics are observed.

2013710 - ZTP Operator subscriptions for 4.9 release branch should point to 4.9 by default

2013751 - Service details page is showing wrong in-cluster hostname

2013787 - There are two tittle 'Network Attachment Definition Details' on NAD details page

2013871 - Resource table headings are not aligned with their column data

2013895 - Cannot enable accelerated network via MachineSets on Azure

2013920 - "--collector.filesystem.ignored-mount-points is DEPRECATED and will be removed in 2.0.0, use --collector.filesystem.mount-points-exclude"

2013930 - Create Buttons enabled for Bucket Class, Backingstore and Namespace Store in the absence of Storagesystem(or MCG)

2013969 - oVIrt CSI driver fails on creating PVCs on hosted engine storage domain

2013990 - Observe dashboard crashs on reload when perspective has changed (in another tab)

2013996 - Project detail page: Action "Delete Project" does nothing for the default project

2014071 - Payload imagestream new tags not properly updated during cluster upgrade

2014153 - SRIOV exclusive pooling

2014202 - [OCP-4.8.10] OVN-Kubernetes: service IP is not responding when egressIP set to the namespace

2014238 - AWS console test is failing on importing duplicate YAML definitions

2014245 - Several aria-labels, external links, and labels aren't internationalized

2014248 - Several files aren't internationalized

2014352 - Could not filter out machine by using node name on machines page

2014464 - Unexpected spacing/padding below navigation groups in developer perspective

2014471 - Helm Release notes tab is not automatically open after installing a chart for other languages

2014486 - Integration Tests: OLM single namespace operator tests failing

2014488 - Custom operator cannot change orders of condition tables

2014497 - Regex slows down different forms and creates too much recursion errors in the log

2014538 - Kuryr controller crash looping on self._get_vip_port(loadbalancer).id 'NoneType' object has no attribute 'id'

2014614 - Metrics scraping requests should be assigned to exempt priority level

2014710 - TestIngressStatus test is broken on Azure

2014954 - The prometheus-k8s-{0,1} pods are CrashLoopBackoff repeatedly

2014995 - oc adm must-gather cannot gather audit logs with 'None' audit profile

2015115 - [RFE] PCI passthrough

2015133 - [IBMCLOUD] ServiceID API key credentials seems to be insufficient for ccoctl '--resource-group-name' parameter

2015154 - Support ports defined networks and primarySubnet

2015274 - Yarn dev fails after updates to dynamic plugin JSON schema logic

2015337 - 4.9.0 GA MetalLB operator image references need to be adjusted to match production

2015386 - Possibility to add labels to the built-in OCP alerts

2015395 - Table head on Affinity Rules modal is not fully expanded

2015416 - CI implementation for Topology plugin

2015418 - Project Filesystem query returns No datapoints found

2015420 - No vm resource in project view's inventory

2015422 - No conflict checking on snapshot name

2015472 - Form and YAML view switch button should have distinguishable status

2015481 - [4.10] sriov-network-operator daemon pods are failing to start

2015493 - Cloud Controller Manager Operator does not respect 'additionalTrustBundle' setting

2015496 - Storage - PersistentVolumes : Claim colum value 'No Claim' in English

2015498 - [UI] Add capacity when not applicable (for MCG only deployment and External mode cluster) fails to pass any info. to user and tries to just load a blank screen on 'Add Capacity' button click

2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu

2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain.

2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart 'x% used' is in English

2015549 - Observe - Metrics: Column heading and pagination text is in English

2015557 - Workloads - DeploymentConfigs : Error message is in English

2015568 - Compute - Nodes : CPU column's values are in English

2015635 - Storage operator fails causing installation to fail on ASH

2015660 - "Finishing boot source customization" screen should not use term "patched"

2015793 - [hypershift] The collect-profiles job's pods should run on the control-plane node

2015806 - Metrics view in Deployment reports "Forbidden" when not cluster-admin

2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning

2015837 - OS_CLOUD overwrites install-config's platform.openstack.cloud

2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch

2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail

2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed)

2016008 - [4.10] Bootimage bump tracker

2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver

2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator

2016054 - No e2e CI presubmit configured for release component cluster-autoscaler

2016055 - No e2e CI presubmit configured for release component console

2016058 - openshift-sync does not synchronise in "ose-jenkins:v4.8"

2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager

2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters.

2016179 - Add Sprint 208 translations

2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager

2016235 - should update to 7.5.11 for grafana resources version label

2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails

2016334 - shiftstack: SRIOV nic reported as not supported

2016352 - Some pods start before CA resources are present

2016367 - Empty task box is getting created for a pipeline without finally task

2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts

2016438 - Feature flag gating is missing in few extensions contributed via knative plugin

2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc

2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets

2016453 - Complete i18n for GaugeChart defaults

2016479 - iface-id-ver is not getting updated for existing lsp

2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear

2016951 - dynamic actions list is not disabling "open console" for stopped vms

2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available

2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances

2017016 - [REF] Virtualization menu

2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn

2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly

2017130 - t is not a function error navigating to details page

2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue

2017244 - ovirt csi operator static files creation is in the wrong order

2017276 - [4.10] Volume mounts not created with the correct security context

2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed.

2017427 - NTO does not restart TuneD daemon when profile application is taking too long

2017535 - Broken Argo CD link image on GitOps Details Page

2017547 - Siteconfig application sync fails with The AgentClusterInstall is invalid: spec.provisionRequirements.controlPlaneAgents: Required value when updating images references

2017564 - On-prem prepender dispatcher script overwrites DNS search settings

2017565 - CCMO does not handle additionalTrustBundle on Azure Stack

2017566 - MetalLB: Web Console -Create Address pool form shows address pool name twice

2017606 - [e2e][automation] add test to verify send key for VNC console

2017650 - [OVN]EgressFirewall cannot be applied correctly if cluster has windows nodes

2017656 - VM IP address is "undefined" under VM details -> ssh field

2017663 - SSH password authentication is disabled when public key is not supplied

2017680 - [gcp] Couldn’t enable support for instances with GPUs on GCP

2017732 - [KMS] Prevent creation of encryption enabled storageclass without KMS connection set

2017752 - (release-4.10) obfuscate identity provider attributes in collected authentication.operator.openshift.io resource

2017756 - overlaySize setting on containerruntimeconfig is ignored due to cri-o defaults

2017761 - [e2e][automation] dummy bug for 4.9 test dependency

2017872 - Add Sprint 209 translations

2017874 - The installer is incorrectly checking the quota for X instances instead of G and VT instances

2017879 - Add Chinese translation for "alternate"

2017882 - multus: add handling of pod UIDs passed from runtime

2017909 - [ICNI 2.0] ovnkube-masters stop processing add/del events for pods

2018042 - HorizontalPodAutoscaler CPU averageValue did not show up in HPA metrics GUI

2018093 - Managed cluster should ensure control plane pods do not run in best-effort QoS

2018094 - the tooltip length is limited

2018152 - CNI pod is not restarted when It cannot start servers due to ports being used

2018208 - e2e-metal-ipi-ovn-ipv6 are failing 75% of the time

2018234 - user settings are saved in local storage instead of on cluster

2018264 - Delete Export button doesn't work in topology sidebar (general issue with unknown CSV?)

2018272 - Deployment managed by link and topology sidebar links to invalid resource page (at least for Exports)

2018275 - Topology graph doesn't show context menu for Export CSV

2018279 - Edit and Delete confirmation modals for managed resource should close when the managed resource is clicked

2018380 - Migrate docs links to access.redhat.com

2018413 - Error: context deadline exceeded, OCP 4.8.9

2018428 - PVC is deleted along with VM even with "Delete Disks" unchecked

2018445 - [e2e][automation] enhance tests for downstream

2018446 - [e2e][automation] move tests to different level

2018449 - [e2e][automation] add test about create/delete network attachment definition

2018490 - [4.10] Image provisioning fails with file name too long

2018495 - Fix typo in internationalization README

2018542 - Kernel upgrade does not reconcile DaemonSet

2018880 - Get 'No datapoints found.' when query metrics about alert rule KubeCPUQuotaOvercommit and KubeMemoryQuotaOvercommit

2018884 - QE - Adapt crw-basic feature file to OCP 4.9/4.10 changes

2018935 - go.sum not updated, that ART extracts version string from, WAS: Missing backport from 4.9 for Kube bump PR#950

2018965 - e2e-metal-ipi-upgrade is permafailing in 4.10

2018985 - The rootdisk size is 15Gi of windows VM in customize wizard

2019001 - AWS: Operator degraded (CredentialsFailing): 1 of 6 credentials requests are failing to sync.

2019096 - Update SRO leader election timeout to support SNO

2019129 - SRO in operator hub points to wrong repo for README

2019181 - Performance profile does not apply

2019198 - ptp offset metrics are not named according to the log output

2019219 - [IBMCLOUD]: cloud-provider-ibm missing IAM permissions in CCCMO CredentialRequest

2019284 - Stop action should not in the action list while VMI is not running

2019346 - zombie processes accumulation and Argument list too long

2019360 - [RFE] Virtualization Overview page

2019452 - Logger object in LSO appends to existing logger recursively

2019591 - Operator install modal body that scrolls has incorrect padding causing shadow position to be incorrect

2019634 - Pause and migration is enabled in action list for a user who has view only permission

2019636 - Actions in VM tabs should be disabled when user has view only permission

2019639 - "Take snapshot" should be disabled while VM image is still been importing

2019645 - Create button is not removed on "Virtual Machines" page for view only user

2019646 - Permission error should pop-up immediately while clicking "Create VM" button on template page for view only user

2019647 - "Remove favorite" and "Create new Template" should be disabled in template action list for view only user

2019717 - cant delete VM with un-owned pvc attached

2019722 - The shared-resource-csi-driver-node pod runs as “BestEffort” qosClass

2019739 - The shared-resource-csi-driver-node uses imagePullPolicy as "Always"

2019744 - [RFE] Suggest users to download newest RHEL 8 version

2019809 - [OVN][Upgrade] After upgrade to 4.7.34 ovnkube-master pods are in CrashLoopBackOff/ContainerCreating and other multiple issues at OVS/OVN level

2019827 - Display issue with top-level menu items running demo plugin

2019832 - 4.10 Nightlies blocked: Failed to upgrade authentication, operator was degraded

2019886 - Kuryr unable to finish ports recovery upon controller restart

2019948 - [RFE] Restructring Virtualization links

2019972 - The Nodes section doesn't display the csr of the nodes that are trying to join the cluster

2019977 - Installer doesn't validate region causing binary to hang with a 60 minute timeout

2019986 - Dynamic demo plugin fails to build

2019992 - instance:node_memory_utilisation:ratio metric is incorrect

2020001 - Update dockerfile for demo dynamic plugin to reflect dir change

2020003 - MCD does not regard "dangling" symlinks as a files, attempts to write through them on next backup, resulting in "not writing through dangling symlink" error and degradation.

2020107 - cluster-version-operator: remove runlevel from CVO namespace

2020153 - Creation of Windows high performance VM fails

2020216 - installer: Azure storage container blob where is stored bootstrap.ign file shouldn't be public

2020250 - Replacing deprecated ioutil

2020257 - Dynamic plugin with multiple webpack compilation passes may fail to build

2020275 - ClusterOperators link in console returns blank page during upgrades

2020377 - permissions error while using tcpdump option with must-gather

2020489 - coredns_dns metrics don't include the custom zone metrics data due to CoreDNS prometheus plugin is not defined

2020498 - "Show PromQL" button is disabled

2020625 - [AUTH-52] User fails to login from web console with keycloak OpenID IDP after enable group membership sync feature

2020638 - [4.7] CI conformance test failures related to CustomResourcePublishOpenAPI

2020664 - DOWN subports are not cleaned up

2020904 - When trying to create a connection from the Developer view between VMs, it fails

2021016 - 'Prometheus Stats' of dashboard 'Prometheus Overview' miss data on console compared with Grafana

2021017 - 404 page not found error on knative eventing page

2021031 - QE - Fix the topology CI scripts

2021048 - [RFE] Added MAC Spoof check

2021053 - Metallb operator presented as community operator

2021067 - Extensive number of requests from storage version operator in cluster

2021081 - Missing PolicyGenTemplate for configuring Local Storage Operator LocalVolumes

2021135 - [azure-file-csi-driver] "make unit-test" returns non-zero code, but tests pass

2021141 - Cluster should allow a fast rollout of kube-apiserver is failing on single node

2021151 - Sometimes the DU node does not get the performance profile configuration applied and MachineConfigPool stays stuck in Updating

2021152 - imagePullPolicy is "Always" for ptp operator images

2021191 - Project admins should be able to list available network attachment defintions

2021205 - Invalid URL in git import form causes validation to not happen on URL change

2021322 - cluster-api-provider-azure should populate purchase plan information

2021337 - Dynamic Plugins: ResourceLink doesn't render when passed a groupVersionKind

2021364 - Installer requires invalid AWS permission s3:GetBucketReplication

2021400 - Bump documentationBaseURL to 4.10

2021405 - [e2e][automation] VM creation wizard Cloud Init editor

2021433 - "[sig-builds][Feature:Builds][pullsearch] docker build where the registry is not specified" test fail permanently on disconnected

2021466 - [e2e][automation] Windows guest tool mount

2021544 - OCP 4.6.44 - Ingress VIP assigned as secondary IP in ovs-if-br-ex and added to resolv.conf as nameserver

2021551 - Build is not recognizing the USER group from an s2i image

2021607 - Unable to run openshift-install with a vcenter hostname that begins with a numeric character

2021629 - api request counts for current hour are incorrect

2021632 - [UI] Clicking on odf-operator breadcrumb from StorageCluster details page displays empty page

2021693 - Modals assigned modal-lg class are no longer the correct width

2021724 - Observe > Dashboards: Graph lines are not visible when obscured by other lines

2021731 - CCO occasionally down, reporting networksecurity.googleapis.com API as disabled

2021936 - Kubelet version in RPMs should be using Dockerfile label instead of git tags

2022050 - [BM][IPI] Failed during bootstrap - unable to read client-key /var/lib/kubelet/pki/kubelet-client-current.pem

2022053 - dpdk application with vhost-net is not able to start

2022114 - Console logging every proxy request

2022144 - 1 of 3 ovnkube-master pods stuck in clbo after ipi bm deployment - dualstack (Intermittent)

2022251 - wait interval in case of a failed upload due to 403 is unnecessarily long

2022399 - MON_DISK_LOW troubleshooting guide link when clicked, gives 404 error .

2022447 - ServiceAccount in manifests conflicts with OLM

2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules.

2022509 - getOverrideForManifest does not check manifest.GVK.Group

2022536 - WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache

2022612 - no namespace field for "Kubernetes / Compute Resources / Namespace (Pods)" admin console dashboard

2022627 - Machine object not picking up external FIP added to an openstack vm

2022646 - configure-ovs.sh failure - Error: unknown connection 'WARN:'

2022707 - Observe / monitoring dashboard shows forbidden errors on Dev Sandbox

2022801 - Add Sprint 210 translations

2022811 - Fix kubelet log rotation file handle leak

2022812 - [SCALE] ovn-kube service controller executes unnecessary load balancer operations

2022824 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests

2022880 - Pipeline renders with minor visual artifact with certain task dependencies

2022886 - Incorrect URL in operator description

2023042 - CRI-O filters custom runtime allowed annotation when both custom workload and custom runtime sections specified under the config

2023060 - [e2e][automation] Windows VM with CDROM migration

2023077 - [e2e][automation] Home Overview Virtualization status

2023090 - [e2e][automation] Examples of Import URL for VM templates

2023102 - [e2e][automation] Cloudinit disk of VM from custom template

2023216 - ACL for a deleted egressfirewall still present on node join switch

2023228 - Remove Tech preview badge on Trigger components 1.6 OSP on OCP 4.9

2023238 - [sig-devex][Feature:ImageEcosystem][python][Slow] hot deploy for openshift python image Django example should work with hot deploy

2023342 - SCC admission should take ephemeralContainers into account

2023356 - Devfiles can't be loaded in Safari on macOS (403 - Forbidden)

2023434 - Update Azure Machine Spec API to accept Marketplace Images

2023500 - Latency experienced while waiting for volumes to attach to node

2023522 - can't remove package from index: database is locked

2023560 - "Network Attachment Definitions" has no project field on the top in the list view

2023592 - [e2e][automation] add mac spoof check for nad

2023604 - ACL violation when deleting a provisioning-configuration resource

2023607 - console returns blank page when normal user without any projects visit Installed Operators page

2023638 - Downgrade support level for extended control plane integration to Dev Preview

2023657 - inconsistent behaviours of adding ssh key on rhel node between 4.9 and 4.10

2023675 - Changing CNV Namespace

2023779 - Fix Patch 104847 in 4.9

2023781 - initial hardware devices is not loading in wizard

2023832 - CCO updates lastTransitionTime for non-Status changes

2023839 - Bump recommended FCOS to 34.20211031.3.0

2023865 - Console css overrides prevent dynamic plug-in PatternFly tables from displaying correctly

2023950 - make test-e2e-operator on kubernetes-nmstate results in failure to pull image from "registry:5000" repository

2023985 - [4.10] OVN idle service cannot be accessed after upgrade from 4.8

2024055 - External DNS added extra prefix for the TXT record

2024108 - Occasionally node remains in SchedulingDisabled state even after update has been completed sucessfully

2024190 - e2e-metal UPI is permafailing with inability to find rhcos.json

2024199 - 400 Bad Request error for some queries for the non admin user

2024220 - Cluster monitoring checkbox flickers when installing Operator in all-namespace mode

2024262 - Sample catalog is not displayed when one API call to the backend fails

2024309 - cluster-etcd-operator: defrag controller needs to provide proper observability

2024316 - modal about support displays wrong annotation

2024328 - [oVirt / RHV] PV disks are lost when machine deleted while node is disconnected

2024399 - Extra space is in the translated text of "Add/Remove alternate service" on Create Route page

2024448 - When ssh_authorized_keys is empty in form view it should not appear in yaml view

2024493 - Observe > Alerting > Alerting rules page throws error trying to destructure undefined

2024515 - test-blocker: Ceph-storage-plugin tests failing

2024535 - hotplug disk missing OwnerReference

2024537 - WINDOWS_IMAGE_LINK does not refer to windows cloud image

2024547 - Detail page is breaking for namespace store , backing store and bucket class.

2024551 - KMS resources not getting created for IBM FlashSystem storage

2024586 - Special Resource Operator(SRO) - Empty image in BuildConfig when using RT kernel

2024613 - pod-identity-webhook starts without tls

2024617 - vSphere CSI tests constantly failing with Rollout of the monitoring stack failed and is degraded

2024665 - Bindable services are not shown on topology

2024731 - linuxptp container: unnecessary checking of interfaces

2024750 - i18n some remaining OLM items

2024804 - gcp-pd-csi-driver does not use trusted-ca-bundle when cluster proxy configured

2024826 - [RHOS/IPI] Masters are not joining a clusters when installing on OpenStack

2024841 - test Keycloak with latest tag

2024859 - Not able to deploy an existing image from private image registry using developer console

2024880 - Egress IP breaks when network policies are applied

2024900 - Operator upgrade kube-apiserver

2024932 - console throws "Unauthorized" error after logging out

2024933 - openshift-sync plugin does not sync existing secrets/configMaps on start up

2025093 - Installer does not honour diskformat specified in storage policy and defaults to zeroedthick

2025230 - ClusterAutoscalerUnschedulablePods should not be a warning

2025266 - CreateResource route has exact prop which need to be removed

2025301 - [e2e][automation] VM actions availability in different VM states

2025304 - overwrite storage section of the DV spec instead of the pvc section

2025431 - [RFE]Provide specific windows source link

2025458 - [IPI-AWS] cluster-baremetal-operator pod in a crashloop state after patching from 4.7.21 to 4.7.36

2025464 - [aws] openshift-install gather bootstrap collects logs for bootstrap and only one master node

2025467 - [OVN-K][ETP=local] Host to service backed by ovn pods doesn't work for ExternalTrafficPolicy=local

2025481 - Update VM Snapshots UI

2025488 - [DOCS] Update the doc for nmstate operator installation

2025592 - ODC 4.9 supports invalid devfiles only

2025765 - It should not try to load from storageProfile after unchecking"Apply optimized StorageProfile settings"

2025767 - VMs orphaned during machineset scaleup

2025770 - [e2e] non-priv seems looking for v2v-vmware configMap in ns "kubevirt-hyperconverged" while using customize wizard

2025788 - [IPI on azure]Pre-check on IPI Azure, should check VM Size’s vCPUsAvailable instead of vCPUs for the sku.

2025821 - Make "Network Attachment Definitions" available to regular user

2025823 - The console nav bar ignores plugin separator in existing sections

2025830 - CentOS capitalizaion is wrong

2025837 - Warn users that the RHEL URL expire

2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-*

2025903 - [UI] RoleBindings tab doesn't show correct rolebindings

2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel]

2026178 - OpenShift Alerting Rules Style-Guide Compliance

2026209 - Updation of task is getting failed (tekton hub integration)

2026223 - Internal error occurred: failed calling webhook "ptpconfigvalidationwebhook.openshift.io"

2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates

2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct

2026352 - Kube-Scheduler revision-pruner fail during install of new cluster

2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment

2026383 - Error when rendering custom Grafana dashboard through ConfigMap

2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation

2026396 - Cachito Issues: sriov-network-operator Image build failure

2026488 - openshift-controller-manager - delete event is repeating pathologically

2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined.

2026560 - Cluster-version operator does not remove unrecognized volume mounts

2026699 - fixed a bug with missing metadata

2026813 - add Mellanox CX-6 Lx DeviceID 101f NIC support in SR-IOV Operator

2026898 - Description/details are missing for Local Storage Operator

2027132 - Use the specific icon for Fedora and CentOS template

2027238 - "Node Exporter / USE Method / Cluster" CPU utilization graph shows incorrect legend

2027272 - KubeMemoryOvercommit alert should be human readable

2027281 - [Azure] External-DNS cannot find the private DNS zone in the resource group

2027288 - Devfile samples can't be loaded after fixing it on Safari (redirect caching issue)

2027299 - The status of checkbox component is not revealed correctly in code

2027311 - K8s watch hooks do not work when fetching core resources

2027342 - Alert ClusterVersionOperatorDown is firing on OpenShift Container Platform after ca certificate rotation

2027363 - The azure-file-csi-driver and azure-file-csi-driver-operator don't use the downstream images

2027387 - [IBMCLOUD] Terraform ibmcloud-provider buffers entirely the qcow2 image causing spikes of 5GB of RAM during installation

2027498 - [IBMCloud] SG Name character length limitation

2027501 - [4.10] Bootimage bump tracker

2027524 - Delete Application doesn't delete Channels or Brokers2027563 - e2e/add-flow-ci.feature fix accessibility violations

2027585 - CVO crashes when changing spec.upstream to a cincinnati graph which includes invalid conditional edges

2027629 - Gather ValidatingWebhookConfiguration and MutatingWebhookConfiguration resource definitions

2027685 - openshift-cluster-csi-drivers pods crashing on PSI

2027745 - default samplesRegistry prevents the creation of imagestreams when registrySources.allowedRegistries is enforced

2027824 - ovnkube-master CrashLoopBackoff: panic: Expected slice or struct but got string

2027917 - No settings in hostfirmwaresettings and schema objects for masters2027927 - sandbox creation fails due to obsolete option in /etc/containers/storage.conf

2027982 - nncp stucked at ConfigurationProgressing

2028019 - Max pending serving CSRs allowed in cluster machine approver is not right for UPI clusters2028024 - After deleting a SpecialResource, the node is still tagged although the driver is removed

2028030 - Panic detected in cluster-image-registry-operator pod

2028042 - Desktop viewer for Windows VM shows "no Service for the RDP (Remote Desktop Protocol) can be found"

2028054 - Cloud controller manager operator can't get leader lease when upgrading from 4.8 up to 4.9

2028106 - [RFE] Use dynamic plugin actions for kubevirt plugin

2028141 - Console tests doesn't pass on Node.js 15 and 16

2028160 - Remove i18nKey in network-policy-peer-selectors.tsx

2028162 - Add Sprint 210 translations

2028170 - Remove leading and trailing whitespace

2028174 - Add Sprint 210 part 2 translations

2028187 - Console build doesn't pass on Node.js 16 because node-sass doesn't support it

2028217 - Cluster-version operator does not default Deployment replicas to one

2028240 - Multiple CatalogSources causing higher CPU use than necessary

2028268 - Password parameters are listed in FirmwareSchema in spite that cannot and shouldn't be set in HostFirmwareSettings

2028325 - disableDrain should be set automatically on SNO

2028484 - AWS EBS CSI driver's livenessprobe does not respect operator's loglevel

2028531 - Missing netFilter to the list of parameters when platform is OpenStack

2028610 - Installer doesn't retry on GCP rate limiting

2028685 - LSO repeatedly reports errors while diskmaker-discovery pod is starting

2028695 - destroy cluster does not prune bootstrap instance profile

2028731 - The containerruntimeconfig controller has wrong assumption regarding the number of containerruntimeconfigs

2028802 - CRI-O panic due to invalid memory address or nil pointer dereference

2028816 - VLAN IDs not released on failures

2028881 - Override not working for the PerformanceProfile template

2028885 - Console should show an error context if it logs an error object

2028949 - Masthead dropdown item hover text color is incorrect

2028963 - Whereabouts should reconcile stranded IP addresses

2029034 - enabling ExternalCloudProvider leads to inoperative cluster

2029178 - Create VM with wizard - page is not displayed

2029181 - Missing CR from PGT

2029273 - wizard is not able to use if project field is "All Projects"

2029369 - Cypress tests github rate limit errors2029371 - patch pipeline--worker nodes unexpectedly reboot during scale out

2029394 - missing empty text for hardware devices at wizard review

2029414 - Alibaba Disk snapshots with XFS filesystem cannot be used

2029416 - Alibaba Disk CSI driver does not use credentials provided by CCO / ccoctl

2029521 - EFS CSI driver cannot delete volumes under load

2029570 - Azure Stack Hub: CSI Driver does not use user-ca-bundle

2029579 - Clicking on an Application which has a Helm Release in it causes an error

2029644 - New resource FirmwareSchema - reset_required exists for Dell machines and doesn't for HPE

2029645 - Sync upstream 1.15.0 downstream

2029671 - VM action "pause" and "clone" should be disabled while VM disk is still being importing

2029742 - [ovn] Stale lr-policy-list and snat rules left for egressip

2029750 - cvo keep restart due to it fail to get feature gate value during the initial start stage

2029785 - CVO panic when an edge is included in both edges and conditionaledges

2029843 - Downstream ztp-site-generate-rhel8 4.10 container image missing content(/home/ztp)

2030003 - HFS CRD: Attempt to set Integer parameter to not-numeric string value - no error

2030029 - [4.10][goroutine]Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace

2030228 - Fix StorageSpec resources field to use correct API

2030229 - Mirroring status card reflect wrong data

2030240 - Hide overview page for non-privileged user

2030305 - Export App job do not completes

2030347 - kube-state-metrics exposes metrics about resource annotations

2030364 - Shared resource CSI driver monitoring is not setup correctly

2030488 - Numerous Azure CI jobs are Failing with Partially Rendered machinesets

2030534 - Node selector/tolerations rules are evaluated too early

2030539 - Prometheus is not highly available

2030556 - Don't display Description or Message fields for alerting rules if those annotations are missing

2030568 - Operator installation fails to parse operatorframework.io/initialization-resource annotation

2030574 - console service uses older "service.alpha.openshift.io" for the service serving certificates.

2030677 - BOND CNI: There is no option to configure MTU on a Bond interface

2030692 - NPE in PipelineJobListener.upsertWorkflowJob

2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache

2030806 - CVE-2021-44717 golang: syscall: don't close fd 0 on ForkExec error

2030847 - PerformanceProfile API version should be v2

2030961 - Customizing the OAuth server URL does not apply to upgraded cluster

2031006 - Application name input field is not autofocused when user selects "Create application"

2031012 - Services of type loadbalancer do not work if the traffic reaches the node from an interface different from br-ex

2031040 - Error screen when open topology sidebar for a Serverless / knative service which couldn't be started

2031049 - [vsphere upi] pod machine-config-operator cannot be started due to panic issue

2031057 - Topology sidebar for Knative services shows a small pod ring with "0 undefined" as tooltip

2031060 - Failing CSR Unit test due to expired test certificate

2031085 - ovs-vswitchd running more threads than expected

2031141 - Some pods not able to reach k8s api svc IP 198.223.0.1

2031228 - CVE-2021-43813 grafana: directory traversal vulnerability

2031502 - [RFE] New common templates crash the ui

2031685 - Duplicated forward upstreams should be removed from the dns operator

2031699 - The displayed ipv6 address of a dns upstream should be case sensitive

2031797 - [RFE] Order and text of Boot source type input are wrong

2031826 - CI tests needed to confirm driver-toolkit image contents

2031831 - OCP Console - Global CSS overrides affecting dynamic plugins

2031839 - Starting from Go 1.17 invalid certificates will render a cluster dysfunctional

2031858 - GCP beta-level Role (was: CCO occasionally down, reporting networksecurity.googleapis.com API as disabled)

2031875 - [RFE]: Provide online documentation for the SRO CRD (via oc explain)

2031926 - [ipv6dualstack] After SVC conversion from single stack only to RequireDualStack, cannot curl NodePort from the node itself

2032006 - openshift-gitops-application-controller-0 failed to schedule with sufficient node allocatable resource

2032111 - arm64 cluster, create project and deploy the example deployment, pod is CrashLoopBackOff due to the image is built on linux+amd64

2032141 - open the alertrule link in new tab, got empty page

2032179 - [PROXY] external dns pod cannot reach to cloud API in the cluster behind a proxy

2032296 - Cannot create machine with ephemeral disk on Azure

2032407 - UI will show the default openshift template wizard for HANA template

2032415 - Templates page - remove "support level" badge and add "support level" column which should not be hard coded

2032421 - [RFE] UI integration with automatic updated images

2032516 - Not able to import git repo with .devfile.yaml

2032521 - openshift-installer intermittent failure on AWS with "Error: Provider produced inconsistent result after apply" when creating the aws_vpc_dhcp_options_association resource

2032547 - hardware devices table have filter when table is empty

2032565 - Deploying compressed files with a MachineConfig resource degrades the MachineConfigPool

2032566 - Cluster-ingress-router does not support Azure Stack

2032573 - Adopting enforces deploy_kernel/ramdisk which does not work with deploy_iso

2032589 - DeploymentConfigs ignore resolve-names annotation

2032732 - Fix styling conflicts due to recent console-wide CSS changes

2032831 - Knative Services and Revisions are not shown when Service has no ownerReference

2032851 - Networking is "not available" in Virtualization Overview

2032926 - Machine API components should use K8s 1.23 dependencies

2032994 - AddressPool IP is not allocated to service external IP wtih aggregationLength 24

2032998 - Can not achieve 250 pods/node with OVNKubernetes in a multiple worker node cluster

2033013 - Project dropdown in user preferences page is broken

2033044 - Unable to change import strategy if devfile is invalid

2033098 - Conjunction in ProgressiveListFooter.tsx is not translatable

2033111 - IBM VPC operator library bump removed global CLI args

2033138 - "No model registered for Templates" shows on customize wizard

2033215 - Flaky CI: crud/other-routes.spec.ts fails sometimes with an cypress ace/a11y AssertionError: 1 accessibility violation was detected

2033239 - [IPI on Alibabacloud] 'openshift-install' gets the wrong region (‘cn-hangzhou’) selected

2033257 - unable to use configmap for helm charts

2033271 - [IPI on Alibabacloud] destroying cluster succeeded, but the resource group deletion wasn’t triggered

2033290 - Product builds for console are failing

2033382 - MAPO is missing machine annotations

2033391 - csi-driver-shared-resource-operator sets unused CVO-manifest annotations

2033403 - Devfile catalog does not show provider information

2033404 - Cloud event schema is missing source type and resource field is using wrong value

2033407 - Secure route data is not pre-filled in edit flow form

2033422 - CNO not allowing LGW conversion from SGW in runtime

2033434 - Offer darwin/arm64 oc in clidownloads

2033489 - CCM operator failing on baremetal platform

2033518 - [aws-efs-csi-driver]Should not accept invalid FSType in sc for AWS EFS driver

2033524 - [IPI on Alibabacloud] interactive installer cannot list existing base domains

2033536 - [IPI on Alibabacloud] bootstrap complains invalid value for alibabaCloud.resourceGroupID when updating "cluster-infrastructure-02-config.yml" status, which leads to bootstrap failed and all master nodes NotReady

2033538 - Gather Cost Management Metrics Custom Resource

2033579 - SRO cannot update the special-resource-lifecycle ConfigMap if the data field is undefined

2033587 - Flaky CI test project-dashboard.scenario.ts: Resource Quotas Card was not found on project detail page

2033634 - list-style-type: disc is applied to the modal dropdowns

2033720 - Update samples in 4.10

2033728 - Bump OVS to 2.16.0-33

2033729 - remove runtime request timeout restriction for azure

2033745 - Cluster-version operator makes upstream update service / Cincinnati requests more frequently than intended

2033749 - Azure Stack Terraform fails without Local Provider

2033750 - Local volume should pull multi-arch image for kube-rbac-proxy

2033751 - Bump kubernetes to 1.23

2033752 - make verify fails due to missing yaml-patch

2033784 - set kube-apiserver degraded=true if webhook matches a virtual resource

2034004 - [e2e][automation] add tests for VM snapshot improvements

2034068 - [e2e][automation] Enhance tests for 4.10 downstream

2034087 - [OVN] EgressIP was assigned to the node which is not egress node anymore

2034097 - [OVN] After edit EgressIP object, the status is not correct

2034102 - [OVN] Recreate the deleted EgressIP object got InvalidEgressIP warning

2034129 - blank page returned when clicking 'Get started' button

2034144 - [OVN AWS] ovn-kube egress IP monitoring cannot detect the failure on ovn-k8s-mp0

2034153 - CNO does not verify MTU migration for OpenShiftSDN

2034155 - [OVN-K] [Multiple External Gateways] Per pod SNAT is disabled

2034170 - Use function.knative.dev for Knative Functions related labels

2034190 - unable to add new VirtIO disks to VMs

2034192 - Prometheus fails to insert reporting metrics when the sample limit is met

2034243 - regular user cant load template list

2034245 - installing a cluster on aws, gcp always fails with "Error: Incompatible provider version"

2034248 - GPU/Host device modal is too small

2034257 - regular user `Create VM` missing permissions alert

2034285 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial]

2034287 - do not block upgrades if we can't create storageclass in 4.10 in vsphere

2034300 - Du validator policy is NonCompliant after DU configuration completed

2034319 - Negation constraint is not validating packages

2034322 - CNO doesn't pick up settings required when ExternalControlPlane topology

2034350 - The CNO should implement the Whereabouts IP reconciliation cron job

2034362 - update description of disk interface

2034398 - The Whereabouts IPPools CRD should include the podref field

2034409 - Default CatalogSources should be pointing to 4.10 index images

2034410 - Metallb BGP, BFD: prometheus is not scraping the frr metrics

2034413 - cloud-network-config-controller fails to init with secret "cloud-credentials" not found in manual credential mode