Kube mgmt fails after upgrade - {"code":"undefined_document","message":"document missing: data.system.main"}

[robbo10]

Hello,

We have upgraded OPA from version 0.38.0 -> 0.51.0 following this OPA is working as expected, however we were also on a very old version of kube-mgmt 3.3.0, we tried to upgrade to version 8.1.1 this caused the following error:

{"code":"undefined_document","message":"document missing: data.system.main"}

As a test we migrated to 4.1.1 and everything worked as expected but started failing from version 6.0.0.

These are the args we have for kube-mgmt:

          args:
            - "--replicate-cluster=v1/namespaces"
            - "--replicate=networking.k8s.io/v1/ingresses"
            - "--replicate=networking.k8s.io/v1/networkpolicies"
            - "--replicate=traefik.containo.us/v1alpha1/ingressroutes"

We did notice that the RBAC had changed initially we were just using role, these have been changed to ClusterRoles.

Are we missing some arg to get past this error?

Thanks

[robbo10]

These are the args we have for opa:

          args:
            - "run"
            - "--server"
            - "--tls-cert-file=/certs/tls.crt"
            - "--tls-private-key-file=/certs/tls.key"
            - "--addr=0.0.0.0:8443"
            - "--addr=http://0.0.0.0:8181"
            - "--log-format=json"
            - "--log-level=error"
            - "--set=decision_logs.console=true"

[robbo10]

This was resolved by updating the opa configmaps which store the policies to include the following label openpolicyagent.org/policy=rego