Bug 1822112 - Cannot deploy images from "openshift" namespace from the developer perspective
Summary: Cannot deploy images from "openshift" namespace from the developer perspective
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Dev Console
Version: 4.3.z
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.5.0
Assignee: Jaivardhan Kumar
QA Contact: Gajanan More
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-04-08 09:46 UTC by Sergio G.
Modified: 2023-09-07 22:43 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: self provisioner user who doesn't have access to openshift namespace can't access images from that namespace Consequence: Users are unable to deploy images from "openshift" namespace in the UI but they can do it using the CLI. Fix: All user should have access to list images in container image section for add flow in Developer console Result: Users are able to deploy images from "openshift" namespace in the UI
Clone Of:
Environment:
Last Closed: 2020-07-13 17:26:08 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Dropdown (29.23 KB, image/png)
2020-04-08 09:46 UTC, Sergio G. 		no flags Details
Openshift is there in the drop down menu (159.17 KB, image/png)
2020-05-06 08:30 UTC, Gajanan More 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 5196 0 None closed Bug 1822112: include OpenShift Project as part of deployImage flow 2020-12-02 08:07:03 UTC
Red Hat Product Errata RHBA-2020:2409 0 None None None 2020-07-13 17:26:21 UTC

Description Sergio G. 2020-04-08 09:46:19 UTC 
Created attachment 1677189 [details]
Dropdown

Description of problem:
Users are unable to deploy images from "openshift" namespace in the UI but they can do it using the CLI.


Version-Release number of selected component (if applicable):
4.3.8


How reproducible:
Always


Steps to Reproduce:
1. Log in console and open the developer perspective
2. Click on "+ Add" and then choose "Container Image"
3. Choose "Image name from internal registry" and expand the dropdown


Actual results:
There's no "openshift" namespace. See attachment #1 [details].


Expected results:
See the "openshift" namespace and deploy any image from it


Additional info:
The "openshift" has been always there to provide templates and images.


Actually the images can be used from the CLI, so there's nothing to be fixed in the permissions (users are already capable of read is and istag resources in the namespace):
[sgarciam@localhost ~]$ oc whoami
sgarcia
[sgarciam@localhost ~]$ oc auth can-i get istag -n openshift
yes
[sgarciam@localhost ~]$ oc auth can-i get is -n openshift
yes
[sgarciam@localhost ~]$ oc new-app redis:3.2
--> Found image a00c397 (6 months old) in image stream "openshift/redis" under tag "3.2" for "redis:3.2"
...
Comment 1 cvogt 2020-04-08 18:49:28 UTC 
In the Deploy Image form, we list all projects a user has access to followed by a drop down for the image streams the user can list in that project.
A self provisioner cannot list the openshift namespace but they can list imagestreams in that namespace. Therefore the user never sees the openshift namespace as an option.

In 3.11 we included the openshift namespace in this list.
We should do the same.
Comment 5 Gajanan More 2020-05-06 08:30:31 UTC 
Created attachment 1685598 [details]
Openshift is there in the drop down menu
Comment 6 Gajanan More 2020-05-06 08:31:27 UTC 
I have validated the bugzilla on:
Build:4.5.0-0.ci-2020-05-05-224426
Browser:Google Chrome Version 81.0.4044.129
Please have a look at the screenshot attached
Marking this as verified.
Comment 7 errata-xmlrpc 2020-07-13 17:26:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2409
Note You need to log in before you can comment on or make changes to this bug.