Created attachment 1822867 [details] Accessing image vulnerabilities from admin console fails Description of problem: Unlike a cluster admin, a project admin cannot view Image Vulnerabilities from the Container Security Operator (CSO) in the admin console. This is because the Image Vulnerability view appears to be scoped cluster wide and a project admin does not have the necessary rights. Unfortunately when the error occurs the project does not get the opportunity to select a project from the project drop down as it is not available. If the project admin uses the Developer console and acceses the ManifestImageVuln type from Search it works fine. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Login as project admin not cluster admin 2. Access Image Vulnerabilities in console 3. Error occurs as per attached screen shot. Actual results: Expected results: Additional info:
Created attachment 1838194 [details] ImageVul ClusterVersion: 4.10.0-0.nightly-2021-10-28-150422 Steps to Verify: 1. Login as project admin not cluster admin 2. Access Image Vulnerabilities in console now there is no error. attached screenshot
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056