1986302 – console continues to fetch prometheus alert and silences for normal user

Bug 1986302 - console continues to fetch prometheus alert and silences for normal user

Summary: console continues to fetch prometheus alert and silences for normal user

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Management Console
Sub Component:
Version:	4.9
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	4.10.0
Assignee:	Joe Caiani
QA Contact:	Yadan Pei
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2042683
TreeView+	depends on / blocked

Reported:	2021-07-27 08:51 UTC by Yadan Pei
Modified:	2022-03-10 16:05 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Clones:	2042683 (view as bug list)
Environment:
Last Closed:	2022-03-10 16:04:47 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift console pull 10725	0	None	open	Bug 1986302: Check rbac before polling for rules silences	2021-12-23 17:54:30 UTC
Red Hat Product Errata	RHSA-2022:0056	0	None	None	None	2022-03-10 16:05:06 UTC

Description Yadan Pei 2021-07-27 08:51:59 UTC

Description of problem:
every few seconds, console will try to pull following resources:
/api/prometheus/api/v1/rules
/api/alertmanager/api/v2/silences
thus normal user will get 403 Forbidden error because they doesn't have permission


Version-Release number of selected component (if applicable):
4.9.0-0.nightly-2021-07-26-071921

How reproducible:
Always

Steps to Reproduce:
1. normal user logins console and open browser console 
2.
3.

Actual results:
1. console is flooded with 403 Forbidden errors when user tries to pull
/api/prometheus/api/v1/rules
/api/alertmanager/api/v2/silences

Expected results:
maybe we should not pull prometheus rules and silences for normal user

Additional info:

Comment 5 Yadan Pei 2022-01-24 02:58:20 UTC

normal user logins console and open browser console 

no these errors
/api/prometheus/api/v1/rules
/api/alertmanager/api/v2/silences


verified on 4.10.0-0.nightly-2022-01-22-102609

Comment 8 errata-xmlrpc 2022-03-10 16:04:47 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056

Note You need to log in before you can comment on or make changes to this bug.