Bug 1703777 - sometimes cluster console is not showing projects list when user logged in
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Management Console
Version: 3.11.0
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: medium
Target Milestone: ---
Target Release: 3.11.z
Assignee: Samuel Padgett
QA Contact: Yadan Pei
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2019-04-28 09:25 UTC by Yadan Pei
Modified: 2019-09-24 08:08 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
In rare cases, a race condition could cause the project list to fail to load after logging into the admin console. The user would need to refresh the page to see the list of projects. The problem has been fixed, and projects now load successfully after login.
Clone Of:
Environment:
Last Closed: 2019-09-24 08:08:08 UTC
Target Upstream Version:
Embargoed:


Attachments
DevConsole Error (44.54 KB, image/png), 2019-04-28 09:26 UTC, Yadan Pei
HAR (2.15 MB, text/plain), 2019-08-09 08:59 UTC, Yadan Pei


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 2651 0 None closed Bug 1703777: Fix race setting CSRF token after login 2020-12-17 20:59:19 UTC
Red Hat Product Errata RHBA-2019:2816 0 None None None 2019-09-24 08:08:18 UTC

Description Yadan Pei 2019-04-28 09:25:45 UTC
Description of problem:
Sometimes when we open the admin console, it keeps loading and returns nothing until we click some other menus or the reload button.
Usually it happens the first time a user opens the admin console, and only on FF in my attempts (not sure if it only reproduces on FF).

Version-Release number of selected component (if applicable):
v3.11.98

How reproducible:
Sometimes

Steps to Reproduce:
1. User opens the admin console URL
2.
3.

Actual results:
1. it keeps loading and nothing returned after a long time, in developer console we can see
Error: "Forbidden"
    f index.tsx:52
    v index.tsx:52

Expected results:
1. project list page should be returned with projects or empty 

Additional info:

Comment 1 Yadan Pei 2019-04-28 09:26:15 UTC
Created attachment 1559610 [details]
DevConsole Error

Comment 2 Samuel Padgett 2019-04-28 12:56:31 UTC
(In reply to Yadan Pei from comment #0)
> Actual results:
> 1. it keeps loading and nothing returned after a long time, in developer
> console we can see
> Error: "Forbidden"
>     f index.tsx:52
>     v index.tsx:52

That error is expected depending on your permissions and should not cause a problem.

Any chance you can record a video of what's happening, ideally with the network tab open? It's not clear to me exactly what you're seeing. You keep seeing the loading indicator on the projects page? Is it possible the API response is simply slow? I would check that the initial request for projects has completed in the network tab.

Comment 3 Yadan Pei 2019-04-29 06:34:04 UTC
Sure, I will add a screenshot next time I meet this issue. Yes, only a loading indicator on the projects page. I met this when I logged in as a normal user, and I have only two projects.

Comment 10 Yadan Pei 2019-05-07 07:08:00 UTC
Sam, thanks for your trying. I didn't reproduce today in 3.11 cluster, I will give necessary files next time I meet this issue.

Comment 13 Yadan Pei 2019-05-31 05:31:18 UTC
I tried to reproduce today but without luck. I will keep trying in following days to see if CLI works when this issue is reproduced.

Comment 14 Samuel Padgett 2019-08-07 20:37:23 UTC
Hi, have you been able to reproduce?

Comment 15 Yadan Pei 2019-08-08 03:24:46 UTC
Hi Sam,

I didn't reproduce recently since we did little testing on 3.11, feel free to close it if you want.

Comment 17 Yadan Pei 2019-08-08 05:25:56 UTC
Using oc login, I can successfully log in.

Comment 19 Yadan Pei 2019-08-09 08:58:50 UTC
It happens mostly when switching from Developer Console to Cluster Console; visiting the Cluster Console route directly doesn't seem to reproduce the issue.

Attached is HAR file

Comment 20 Yadan Pei 2019-08-09 08:59:26 UTC
Created attachment 1602071 [details]
HAR

Comment 23 Samuel Padgett 2019-09-09 19:54:10 UTC
It looks like the request for `openshift-favicon.png` set a new `csrf-token` cookie while other requests were being fired off. There is a race condition where GET requests read the current cookie and add the header to the next request. If another response updates the cookie between the time it's read and when the request is sent, the values don't match. I'm not sure why a new cookie was set for the favicon request, however.

This should be fixed indirectly by https://github.com/openshift/console/pull/2523, but I'd like to understand why the CSRF token was updated.

Comment 24 Samuel Padgett 2019-09-09 20:04:16 UTC
The favicon path is wrong: /auth/static/assets/openshift-favicon.png

This caused the index handler to run, which reset the CSRF cookie.

https://github.com/openshift/console/blob/master/pkg/server/server.go#L318

Comment 25 Samuel Padgett 2019-09-09 20:07:36 UTC
The paths in tokener.html are wrong:

https://github.com/openshift/console/blob/release-3.11/frontend/public/tokener.html

This is only a problem in 3.11.
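
The race described in comments 23 to 25, as an added Go sketch that is not part of the bug report or the console's code: a catch-all index handler that resets the `csrf-token` cookie turns a mis-pathed favicon request into a 403 on the next API call, while a handler that keeps an existing token does not. The `X-CSRFToken` header name, the `/api/projects` route, the counter-based tokens and the keep-existing-token behaviour are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

const cookieName, headerName = "csrf-token", "X-CSRFToken" // header name is assumed
// newMux is a toy server: rotate=true issues a new token on every catch-all hit.
func newMux(rotate bool) http.Handler {
	mux, n := http.NewServeMux(), 0
	mux.HandleFunc("/api/projects", func(w http.ResponseWriter, r *http.Request) {
		c, err := r.Cookie(cookieName)
		if err != nil || c.Value != r.Header.Get(headerName) {
			http.Error(w, "Forbidden", http.StatusForbidden)
		}
	})
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		if _, err := r.Cookie(cookieName); rotate || err != nil {
			n++ // counter stands in for a random token
			http.SetCookie(w, &http.Cookie{Name: cookieName, Value: fmt.Sprint("tok", n), Path: "/"})
		}
	})
	return mux
}
// firstAPIStatus replays the racy order: header value read, favicon response, API call.
func firstAPIStatus(h http.Handler) int {
	jar := "" // the browser's current csrf-token cookie
	do := func(path, hdr string) int {
		req := httptest.NewRequest("GET", path, nil)
		if jar != "" {
			req.AddCookie(&http.Cookie{Name: cookieName, Value: jar})
		}
		req.Header.Set(headerName, hdr)
		rec := httptest.NewRecorder()
		h.ServeHTTP(rec, req)
		for _, c := range rec.Result().Cookies() {
			jar = c.Value
		}
		return rec.Code
	}
	do("/", "")
	stale := jar // captured before the favicon response arrives
	do("/auth/static/assets/openshift-favicon.png", "")
	return do("/api/projects", stale)
}
func main() {
	fmt.Println(firstAPIStatus(newMux(true)), firstAPIStatus(newMux(false))) // 403 200
}
```

When triaging a similar report, look in the HAR for a `Set-Cookie: csrf-token=...` on any response other than the page load; an asset URL returning HTML instead of an image is the giveaway that it fell through to the index handler.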

Comment 28 Yadan Pei 2019-09-18 08:02:40 UTC
# oc get pods -n openshift-console -o yaml | grep image
      image: registry.reg-aws.openshift.com:443/openshift3/ose-console:v3.11
# docker inspect registry.reg-aws.openshift.com:443/openshift3/ose-console:v3.11
....
"Labels":{
"License":"GPLv2+",
"architecture":"x86_64",
"authoritative-source-url":"registry.access.redhat.com",
"build-date":"2019-09-17T22:08:49.979227",
"com.redhat.build-host":"cpt-1004.osbs.prod.upshift.rdu2.redhat.com",
"com.redhat.component":"openshift-enterprise-console-container",
"com.redhat.license_terms":"https://www.redhat.com/en/about/red-hat-end-user-license-agreements",
"description":"ThisisacomponentofOpenShiftContainerPlatformandprovidesawebconsole.",
"distribution-scope":"public",
"io.k8s.description":"ThisisacomponentofOpenShiftContainerPlatformandprovidesawebconsole.",
"io.k8s.display-name":"OpenShiftConsole",
"io.openshift.build.commit.id":"2abfa57365be06e6e14e751ef4b4a6a0dfc8fdaa",
"io.openshift.build.commit.url":"https://github.com/openshift/console/commit/2abfa57365be06e6e14e751ef4b4a6a0dfc8fdaa",
"io.openshift.build.source-location":"https://github.com/openshift/console",
"io.openshift.tags":"openshift,console",
"maintainer":"SamuelPadgett<spadgett>",
"name":"openshift3/ose-console",
"release":"1",
"summary":"ProvidesthelatestreleaseofRedHatEnterpriseLinux7inafullyfeaturedandsupportedbaseimage.",
"url":"https://access.redhat.com/containers/#/registry.access.redhat.com/openshift3/ose-console/images/v3.11.146-1",
"vcs-ref":"8df6ebf6dfbd0a53196640d0e3b60006af4bcb57",
"vcs-type":"git",
"vendor":"RedHat,Inc.",
"version":"v3.11.146"
....

I don't see this issue happen on 3.11.146

Comment 29 Yadan Pei 2019-09-18 08:03:10 UTC
Thanks very much for the fix and will continue to track this issue in next few builds

Comment 31 errata-xmlrpc 2019-09-24 08:08:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2816

