Bug 1983091
Summary: | Logic for getting default pull secret incorrect on project page | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Samuel Padgett <spadgett> |
Component: | Management Console | Assignee: | Kim Dobestein <kdoberst> |
Status: | CLOSED ERRATA | QA Contact: | Yanping Zhang <yanpzhan> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.8 | CC: | aos-bugs, jokerman, kdoberst, yapei |
Target Milestone: | --- | ||
Target Release: | 4.9.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Cause:
Application was not showing all the pull secrets from the default ServiceAccount.
Consequence:
Missing information on the project details screen and the user needed to go to the default ServiceAccount YAML to view all default pull secrets
Fix:
List all pull secrets from the default ServiceAccount on the project details page.
Result:
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-10-18 17:39:54 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Samuel Padgett
2021-07-16 13:44:20 UTC
Checked on ocp 4.9 cluster with payload 4.9.0-0.nightly-2021-07-29-103526. 1.Create a project, check the default pull secret on project detail page, it displays "default-dockercfg-xczwx"; 2.Create a image pull secret in the project, and add the secret in default sa in the project, then check default pull secret on the project detail page again, the new image pull secret is also shown. 3.Create a role "example1" with view project/namespace permission but no permission to view secret in project: kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: example1 uid: 785f7296-20fd-4f1a-8105-30be19f92539 resourceVersion: '470509' creationTimestamp: '2021-07-30T10:31:43Z' managedFields: - manager: Mozilla operation: Update apiVersion: rbac.authorization.k8s.io/v1 time: '2021-07-30T10:31:43Z' fieldsType: FieldsV1 fieldsV1: 'f:rules': {} rules: - verbs: - get - watch - list apiGroups: - '' resources: - projects - verbs: - get apiGroups: - '' resources: - namespaces 4. Grant normal user the "example1" role to the project. 5. Login with normal user, check on the project detail page, now the default pull secret field displays: "Error loading default pull Secrets" The bug is fixed. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759 |