Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Critical
Fix Version/s: Logging 5.8.2
Affects Version/s: Logging 5.8.1, Logging 5.9.0
Component/s: Log Console
Labels:
- TestBlocker
- devel_ack+

Blocked:
False
Blocked Reason:
None
Ready:
False
Docs QE Status:
NEW
QE Status:
NEW
Release Note Text:
Prior to this fix, the developer console's logs did not account for the current namespace, resulting in query rejection for users without cluster-wide log access. The fix now ensures correct namespace inclusion for all supported OCP versions
Release Note Type:
Bug Fix
Intelligence Requested:
Market:

Severity:
Important

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Description of problem:

On Openshift v4.15, the regular user can not display app logs after grant cluster-logging-application-view role. this function works on Openshift v4.14.

How reproducible:

Alawys

Steps to Reproduce:

1) Deploy clusterlogging and lokistack, send logs to lokistack using vector.

apiVersion: "logging.openshift.io/v1"
kind: "ClusterLogging"
metadata:
  name: "instance"
  namespace: openshift-logging
spec:
  managementState: "Managed"
  logStore:
	type: "lokistack"
	lokistack:
  	name: lokistack-sample
  collection:
	type: "vector"

2) testuser-1 create pods under project-testuser-1
3) grant testuser-1 view logs/alerts to project-testuser-1

oc -n project-testuser-1 policy add-role-to-user admin testuser-1
oc -n project-testuser-1 policy add-role-to-user cluster-logging-application-view testuser-1
oc -n project-testuser-1 policy add-role-to-user monitoring-rules-edit testuser-1
oc -n project-testuser-1 policy add-role-to-user cluster-monitoring-view  testuser-1

4)query application logs using the token of testuser-1

Check the logs in DevConsole as testuser-1

Actual results:

Can not display logs.

Expected results:

pod logs can be displayed in DevConsole

Additional info:

Once prompt testuser-1 to cluster-admin role, the user can see the logs

clones

LOG-4905 The regular user can not display app logs after grant cluster-logging-application-view role on OCP 4.15 Console

Closed

links to

openshift/logging-view-plugin#175: [release-5.8] LOG-4947: merge react router url params with props

openshift/openshift-docs#70380: OBSDOCS-724 - Logging 5.8.2 Release Notes

RHBA-2023:125709 Logging Subsystem 5.8.2 - Red Hat OpenShift

mentioned on

Merge request - Updated US source to: 03e0d9b Merge pull request #176 from openshift-cherrypick-robot/cherry-pick-172-to-release-5.8

Assignee:: Gabriel Bernal

Reporter:: Anping Li

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2024/01/10 1:55 PM

Updated:: 2024/05/14 9:25 AM

Resolved:: 2024/01/17 11:31 AM

Details

Description

Description of problem:

How reproducible:

Steps to Reproduce:

Actual results:

Expected results:

Additional info:

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates