Description of problem: When user trying to create Image MainfestVuln in Operator “Red Hat Quay Container ”, 404: Not Found will be shown Version-Release number of selected component (if applicable): 4.11.0-0.nightly-2022-04-26-181148, 4.10.12 How reproducible: Always Steps to Reproduce: 1. Login OCP as administrator, Install Operator “Red Hat Quay Container Security Operator” in Operators -> Installed Operators page 2. Go to "Image Manifest Vulnerability" Tab and click "Create ImageManifestVuln" button Actual results: 2. 404: Not found will be shown on page Error message as below will shown on console of browser: Failed to load resource: the server responded with a status of 404 (Not Found) main-chunk-fea06f8608bca2883948.min.js:1 consoleFetch failed for url /api/kubernetes/apis/secscan.quay.redhat.com/v1alpha1/namespaces/openshift-operators/imagemanifestvulns/~new a: imagemanifestvulns.secscan.quay.redhat.com "~new" not found at https://console-openshift-console.apps.rioliu042901.qe.gcp.devcluster.openshift.com/static/main-chunk-fea06f8608bca2883948.min.js:1:150243 Expected results: 2. User is able to get ImageManifestVuln when operator is created successfully User is able to create Image Manifest Vulnerability by clicking the create button Additional info:
Changing this to a low severity bug since manual creation of an ImageManifestVuln resource is not a supported case. The container security operator manages the creation of these resources. This does highlight an issue where operand resource detail and list page extensions are not being rendered on routes with the CSV in the path. Currently, the container security package is providing custom routes for the ImageManifestVuln details page, but this is colliding with the default operand create route. This leads to the console attempting to render a details page for an ImageManifestVuln resource named `~new`, which of course doesn't exist. We need to remove the route extensions from the container security package and replace the current operand details and list pages with the appropriate extensions when they exist.
Hi @jonjacks After checking with creating an instance by using the button on the "Details" page we still got the "On no! Something went wrong" error(Attached error image), could you help to check? And another issue is the button "Create ImageManifestVuln" is being removed from the "Image Manifest Vulnerability" Tab, which is incorrect
> And another issue is the button "Create ImageManifestVuln" is being removed from the "Image Manifest Vulnerability" Tab, which is incorrect This is actually the expected behavior. These resources are not intended to be manually created by users. The container security plugin is intentionally omitting the create button.
Failed to verify this PR on 4.13.0-0.nightly-2022-11-13-214426 And the PR has not been merged into 4.12 nightly build, could you help to update the value of "Target release"? Reproduce Step: 1. Login OCP as administrator, Install Operator “Red Hat Quay Container Security Operator” in Operators -> Installed Operators page 2. Go to "Image Manifest Vulnerability" Tab, and check if the page can be loaded normally 3. Use "Create Instance" on the Details page, provide fake information eg: Name: example image: HTTP://test.test.com 4. After creation, go to "Image Manifest Vulnerability" Tab again, and check if the page could be loaded as expected Result: 4. Oh no! Something went wrong will shown on the page (Details can be check on attached file) Error details: TypeError Description: Cannot read properties of undefined (reading 'slice') Component trace: at L (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/container-security-chunk-c75072388768580246ce.min.js:1:3332) at https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/main-chunk-95e83174c27bb3f24acd.min.js:1:759995 at tr at T (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/main-chunk-95e83174c27bb3f24acd.min.js:1:758953) at t (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/vendors~main-chunk-e9bfa0f3a29fdab5bcce.min.js:141:70772) at tbody at table at m (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/vendors~main-chunk-e9bfa0f3a29fdab5bcce.min.js:233:141641) at s (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/vendors~main-chunk-e9bfa0f3a29fdab5bcce.min.js:238:116626) at D (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/main-chunk-95e83174c27bb3f24acd.min.js:1:760086) at div at div at t (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/vendors~main-chunk-e9bfa0f3a29fdab5bcce.min.js:93:65918) at t (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/vendors~main-chunk-e9bfa0f3a29fdab5bcce.min.js:92:42978) at o (https://console-openshift-console.apps.jhajyahy-qw.qe.devcluster.openshift.com/static/main-chunk-95e83174c27bb3f24acd.min.js:1:769887)
@xiyuzhao I think the runtime error you're seeing might be a pre-existing bug caused by a list page extension provided in the container-security dynamic plugin. I was able to reproduce the same runtime error by navigating to "Administrator > Image Vulnerabilities", which is using the same list page component as the operator details page. I've opened a new bug to track this problem: https://issues.redhat.com/browse/OCPBUGS-3648 and updated https://github.com/openshift/console/pull/12229 to point to that bug. As for this bug, I believe the issue was fixed by https://github.com/openshift/console/pull/11883, which was released in 4.12. A 404 error is no longer encountered when navigating to the ImageManifestVuln creation page, and the user is able to successfully create an instance.
@jonjacks Thanks for the reply, it's very clear This bug has been verified on payload 4.12.0-0.nightly-2022-11-10-0337251 Verification Step: 1. Install Operator “Red Hat Quay Container Security Operator” in Operators -> Installed Operators page 2. Go to "Image Manifest Vulnerability" Tab, and check if the page can be loaded normally Result: 2. The error message "404 Not found" is gone The message "IMV '\n' No Image vulnerabilities found" will be shown on the "Image Manifest Vulnerability" page The button "Create ImageManifestVuln" will not be shown on the page Note: for the issue that was found after creating the ImageManifesVulnerability, all verification will be updated on OCPBUGS-3648
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.12.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:7399