Bug 1806706 - Can't display images in own namespace
Summary: Can't display images in own namespace
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Dev Console
Version: 4.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.3.z
Assignee: Karthik Jeeyar
QA Contact: Gajanan More
Depends On: internal-imagestream-fix
TreeView+ depends on / blocked
Reported: 2020-02-24 19:27 UTC by Daniel
Modified: 2020-03-10 23:54 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2020-03-10 23:54:09 UTC
Target Upstream Version:

Attachments (Terms of Use)
Internal registry images (131.94 KB, image/png)
2020-03-05 10:01 UTC, Gajanan More
no flags Details

System ID Private Priority Status Summary Last Updated
Github openshift console pull 4461 0 None closed [release-4.3] Bug 1806706: add namespace level imagestream fetching 2021-01-15 19:01:44 UTC
Red Hat Product Errata RHBA-2020:0676 0 None None None 2020-03-10 23:54:18 UTC

Description Daniel 2020-02-24 19:27:17 UTC
Description of problem:

No image streams are available from the internal registry for a normal user's namespace even if imagestreams/images already exist in the namespace 

Version-Release number of selected component (if applicable):

How reproducible:
Login with a normal user(no cluster-admin) in OCP 4.3

Steps to Reproduce:
1. Go to Dev Console > +Add > Click on "Container Image"
2. Choose Image name from internal registry
3. Choose any namespace which the login user owns and includes existing image/imagestreams

Actual results:
No Image streams found

Expected results:
The Image should be displayed

Additional info:
When I debug it via Chrome dev console, I can see the following error:
{kind: "Status", apiVersion: "v1", metadata: {}, status: "Failure",…}
kind: "Status"
apiVersion: "v1"
metadata: {}
status: "Failure"
message: "imagestreams.image.openshift.io is forbidden: User "user1" cannot list resource "imagestreams" in API group "image.openshift.io" at the cluster scope"
reason: "Forbidden"
details: {group: "image.openshift.io", kind: "imagestreams"}
code: 403

Otherwise, I logged in cluster-admin credentials, the images are displayed.

Comment 3 Gajanan More 2020-03-05 09:48:18 UTC
I have validated this bug on:
Build: 4.3.0-0.nightly-2020-03-04-235307
Browser: Google Chrome Version 78.0.3904.108
Marking this as verified.

Comment 4 Gajanan More 2020-03-05 10:01:07 UTC
Created attachment 1667693 [details]
Internal registry images

Comment 6 errata-xmlrpc 2020-03-10 23:54:09 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.