Merge pull request #10017 from barbacbd/OCPBUGS-62870

openshift-merge-bot[bot] · web-flow · commit d9d84eadb19a · 2025-10-22T07:53:58.000Z
OCPBUGS-62870: Fix firewall checks
diff --git a/pkg/infrastructure/gcp/clusterapi/firewallrules.go b/pkg/infrastructure/gcp/clusterapi/firewallrules.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/sirupsen/logrus"
 	"google.golang.org/api/compute/v1"
 
 	configv1 "github.com/openshift/api/config/v1"
@@ -220,13 +221,15 @@ func hasFirewallPermission(ctx context.Context, projectID string, permissions []
 		return false, fmt.Errorf("failed to find project permissions during firewall permission check: %w", err)
 	}
 
+	permissionsValid := true
 	for _, permission := range permissions {
 		if hasPermission := foundPermissions.Has(permission); !hasPermission {
-			return false, fmt.Errorf("failed to find firewall permission %s", permission)
+			logrus.Warnf("failed to find permission %s, skipping firewall rule creation", permission)
+			permissionsValid = false
 		}
 	}
 
-	return true, nil
+	return permissionsValid, nil
 }
 
 // createFirewallRules creates the rules needed between the worker and master nodes.

Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,7 @@ import (`
`5`	`5`	`"fmt"`
`6`	`6`	`"time"`
`7`	`7`
	`8`	`+ "github.com/sirupsen/logrus"`
`8`	`9`	`"google.golang.org/api/compute/v1"`
`9`	`10`
`10`	`11`	`configv1 "github.com/openshift/api/config/v1"`
`@@ -220,13 +221,15 @@ func hasFirewallPermission(ctx context.Context, projectID string, permissions []`
`220`	`221`	`return false, fmt.Errorf("failed to find project permissions during firewall permission check: %w", err)`
`221`	`222`	`}`
`222`	`223`
	`224`	`+ permissionsValid := true`
`223`	`225`	`for _, permission := range permissions {`
`224`	`226`	`if hasPermission := foundPermissions.Has(permission); !hasPermission {`
`225`		`- return false, fmt.Errorf("failed to find firewall permission %s", permission)`
	`227`	`+ logrus.Warnf("failed to find permission %s, skipping firewall rule creation", permission)`
	`228`	`+ permissionsValid = false`
`226`	`229`	`}`
`227`	`230`	`}`
`228`	`231`
`229`		`- return true, nil`
	`232`	`+ return permissionsValid, nil`
`230`	`233`	`}`
`231`	`234`
`232`	`235`	`// createFirewallRules creates the rules needed between the worker and master nodes.`