Description of problem: I am trying to edit a project's annotation, namely "openshift.io/node-selector". If I do "oc edit project openshift-infra" and change the "openshift.io/node-selector" to "type=infra", and save it gives me the following error: Invalid value: "": field is immutable, try updating the namespace If I try oc annotate, the same thing happens: [root@ip-172-31-56-156 ~]# oc annotate project openshift-infra openshift.io/node-selector=type=infra --overwrite The Project "openshift-infra" is invalid. metadata.annotations[openshift.io/node-selector]: Invalid value: "type=infra": field is immutable, try updating the namespace [root@ip-172-31-56-156 ~]# Now, if I use "namespace" instead of "project" things work as expected. oc edit namespace openshift-infra OR [root@ip-172-31-56-156 ~]# oc annotate namespace openshift-infra openshift.io/node-selector=type=infra --overwrite namespace "openshift-infra" annotated Things work as expected. Version-Release number of selected component (if applicable): I have seen this in 3.2.1.15 and 3.3.0.32 How reproducible: Very Steps to Reproduce: 1. Install Openshift cluster 2. oc edit project openshift-infra 3. change/update the openshift.io/node-selector 4. attempt to save Actual results: Error on saving. Expected results: I would expect it to save the annotation as requested. Additional info: I don't understand why this works in ns and not project. What is the difference? If there a reason it works with one but not the other?
This could be enabled with a secondary authz check inside the RESTStorage backing the projects endpoint. If you can update the namespace, you can update anything in the project. You could also issue an impersonating request directly to the namespace which might be more reliable.
WIP PR: https://github.com/openshift/origin/pull/11647
Project is meant to be a limited permission view with specific constraints. Changing that adds far too much complexity for no real gains.
It is a website that has a bug with the status of the alias. They have an editing project with the namespace annotations for whiteboards. You must check https://uk.bestessays.com/research_proposal_service.html and get ideas to write a thesis. You can also attach your file status with test cases. Join them for more information.
This article has been covered for a long time.(https://geometry-dash.co) I don't know if the website is still in use or not.
(In reply to RobertJones from comment #4) > It is a website that has a bug with the status of the alias. They have an > editing project with the namespace annotations for whiteboards. You must > check https://uk.bestessays.com/research_proposal_service.html and get ideas > to write a thesis. You can also attach your file status with test cases. > Join them for more information. What I don't seriously have any idea what it technically means like to be as with that said I am on the edge of my seats with no idea being developed to overcome the problem I face for https://www.diplomaassignments.com/sdsu-open-university-assignment-help . I see it no way around being spoken of
A supplementary authz check within the RESTStorage supporting the project endpoint could enable this. Everything in the project can be updated if you can change the namespace. Another option, possibly more dependable, is to send an impersonating request directly to the namespace and if you get more information about this so visit this website https://www.canadawritings.ca/buy-essay/
This comment was flagged a spam, view the edit history to see the original text if required.