ComplianceAsCode / compliance-operator

Operator providing Kubernetes cluster compliance checks
Apache License 2.0

Fix platform role detection for Power and Z architecture #516

Closed rhmdnd closed 3 months ago

rhmdnd commented 3 months ago

We recently updated Compliance Operator support to only load ocp4 profiles when running on Power and Z systems, since those are currently the only profiles that are supported on those architectures.

In the process, we added architecture detection so the operator knows if it's running OpenShift on amd64, ppc64le, or s390x. However, the operator will also create default scan settings based on the architecture and platform, which didn't take these into account.

Since we were using new architecture/platform keys in the support mapping, they weren't being handled correctly when the operator created the default scan settings. This caused it to use a generic catch-all to schedule scans on all available nodes. While this is fine for some platforms, like EKS, it doesn't work when nodes are in different node pools because they will constantly get different results and be INCONSISTENT.

openshift-ci[bot] commented 3 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rhmdnd, yuumasato

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

- ~~[OWNERS](https://github.com/ComplianceAsCode/compliance-operator/blob/master/OWNERS)~~ [rhmdnd]

Approvers can indicate their approval by writing `/approve` in a comment

Approvers can cancel approval by writing `/approve cancel` in a comment