2003845 – Project admin cannot access image vulnerabilities view

Bug 2003845 - Project admin cannot access image vulnerabilities view

Summary: Project admin cannot access image vulnerabilities view

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Management Console
Sub Component:
Version:	4.8
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	4.10.0
Assignee:	Joe Caiani
QA Contact:	Siva Reddy
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2051523
TreeView+	depends on / blocked

Reported:	2021-09-13 22:14 UTC by Gerald Nunn
Modified:	2022-03-10 16:10 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	2051523 (view as bug list)
Environment:
Last Closed:	2022-03-10 16:10:01 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Accessing image vulnerabilities from admin console fails (69.31 KB, image/png) 2021-09-13 22:14 UTC, Gerald Nunn	no flags	Details
ImageVul (70.70 KB, image/png) 2021-10-29 05:40 UTC, Siva Reddy	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift console pull 10150	0	None	open	Bug 2003845: change the Image Vulnerabilities tab to be project and not cluster scoped	2021-09-28 21:00:17 UTC
Red Hat Product Errata	RHSA-2022:0056	0	None	None	None	2022-03-10 16:10:28 UTC

Description Gerald Nunn 2021-09-13 22:14:49 UTC

Created attachment 1822867 [details]
Accessing image vulnerabilities from admin console fails

Description of problem:

Unlike a cluster admin, a project admin cannot view Image Vulnerabilities from the Container Security Operator (CSO) in the admin console. This is because the Image Vulnerability view appears to be scoped cluster wide and a project admin does not have the necessary rights.

Unfortunately when the error occurs the project does not get the opportunity to select a project from the project drop down as it is not available.

If the project admin uses the Developer console and acceses the ManifestImageVuln type from Search it works fine.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Login as project admin not cluster admin
2. Access Image Vulnerabilities in console
3. Error occurs as per attached screen shot.

Actual results:


Expected results:


Additional info:

Comment 3 Siva Reddy 2021-10-29 05:40:39 UTC

Created attachment 1838194 [details]
ImageVul


ClusterVersion:
 4.10.0-0.nightly-2021-10-28-150422

Steps to Verify:
1. Login as project admin not cluster admin
2. Access Image Vulnerabilities in console
   
  now there is no error. attached screenshot

Comment 7 errata-xmlrpc 2022-03-10 16:10:01 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056

Note You need to log in before you can comment on or make changes to this bug.