Tested version: ---------------- OCP - 4.12.0-0.nightly-2023-02-20-203301 ODF - quay.io/rhceph-dev/ocs-registry:4.12.1-16 Test steps: ----------- # Create openshift user 1. Go to hub cluster --> User management --> User --> Add IDP 2. Create username and htpassword and add in the necessary details 3. verify "oc get user" $ oc get user NAME UID FULL NAME IDENTITIES sraghave bdc40bf8-4d32-4579-acc7-db1c6f606569 htpasswd:sraghave # Create clusterrolebindings 1. local cluster --> User management --> roles 2. Search for below roles one by one * drclusters.ramendr.openshift.io-v1alpha1-view * drpolicies.ramendr.openshift.io-v1alpha1-view * open-cluster-management:view:<cluster-1-name> * open-cluster-management:view:<cluster-2-name> * open-cluster-management:subscription-admin 3. Click roles --> search for above --> Add Rolebinding to each role mentioned above * Select Cluster-wide rolebinding (Cluster-wide rolebinding is applied to all the above roles) * Name can be anything * Subject --> user * Subject name --> Username (openshift username that we created in step 1) 4. Create project "oc new-project test" 5. Create placementrule and drpc in the project 6. Create app via UI 7. Failover and Relocate Validate: ---------- 1. Login to hub cluster using htpasswd instead of kube:admin using username and password 2. All clusters --> Data services --> Checked for DRPolicy application page DRpolicy was shown, but we cannot edit/delete drpolicy 3. Validate failover and relocate apps from app user With all the above validations, Moving the BZ to verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Red Hat OpenShift Data Foundation 4.12.1 security bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:1170