Description of problem: User settings are not getting saved on the cluster in the user-settings config map. Instead they are being saved in local storage. Version-Release number of selected component (if applicable): Observed on dev sandbox 4.8.15 Also reproducible on 4.10 dev clusters How reproducible: Steps to Reproduce: 1. log in as a non-admin user 2. navigate to a page which deals with user settings such as topology 3. inspect the network traffic with web inspector Actual results: 403 error attempting to fetch the user settings config map user settings are stored in local storage Expected results: fetching the config map should be successful user settings should be stored in the user-settings config map Additional info:
Network communication on a local cluster (http): GET .../api/kubernetes/api/v1/namespaces/openshift-console-user-settings/configmaps/user-settings-185287fc-0957-4422-b3ea-df5e03046d78 returns 404 POST .../api/console/user-settings (3 times) WATCH ws://.../api/kubernetes/api/v1/namespaces/openshift-console-user-settings/configmaps?watch=true&fieldSelector=metadata.name%3Duser-settings-185287fc-0957-4422-b3ea-df5e03046d78 PATCH .../api/kubernetes/api/v1/namespaces/openshift-console-user-settings/configmaps/user-settings-185287fc-0957-4422-b3ea-df5e03046d78 PATCH ... PATCH ... PATCH ... But on sandbox (with https) I could not see the first GET call. Instead it starts directly with these wss:// WATCH calls. That might be the reason why the POST call to create the ConfigMap, Role and RoleBinding is not called.
But calling the API manually (with valid tokens copied from chrome) doesn't work: curl -vs -X GET 'https://...sandbox.../api/console/user-settings' ... < HTTP/1.1 404 Not Found ... {"error":"Failed to get user settings: configmaps \"user-settings-b007bab6-9b47-4685-9f1b-59d54905bd3c\" not found"} curl -vs -X POST 'https://...sandbox.../api/console/user-settings' ... < HTTP/1.1 403 Forbidden < content-length: 0 ... %
Verified on 4.10.0-0.ci-2022-01-18-093446
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056