After upgrading to SSP 5.1, Rule Analysis feature precheck tile remained greyed out, preventing activation. Applies to Baremetal Security as well - both new features in SSP 5.1.0, not present in SSP 5.0.0.

ClusterAPI failed to load the precheck configuration due to a stale cache in the PostgreSQL feature_configs table.

SSP 5.1.0

During upgrade, ClusterAPI pod restart completed startup before all k8s resource templates got applied.

Thus leading to ClusterAPI loading older version of precheck metadata in feature_configs  table in clusterapi  database in PostgreSQL.

The feature configuration cache in ClusterAPI became stale and failed to reload feature prechecks due to a malformed or invalid atp_version key in PostgreSQL.

This stale cache caused the Rule Analysis precheck not to appear as available. This happens due to a race condition and cache invalidation flaw in the feature-switch informer service, which prevented proper precheck reload during upgrade.

This issue will be fixed in the upcoming SSP release. Please contact Broadcom Support for executing the workaround.