Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: 4.16
Component/s: Management Console
Labels:
- ServiceDeliveryImpact

Regression:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.18.0
Target Backport Versions:

4.17.z, 4.16.z, 4.18.z

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

This is a clone of issue OCPBUGS-50546. The following is the description of the original issue:
—
Description of problem:

A user without CSR read permission can not view the Node page in Openshift console.

Version-Release number of selected component (if applicable):

    4.16.30

How reproducible:

    Always

Steps to Reproduce:

    1. Create a 4.16.30 ROSA/OSD cluster
    2. Assign a user with dedicated-admins group. dedicated-admins has get node permission but without CSR related permissions.
    3. Open console access Compute - Node page

Actual results:

The page only shows an error, without other content:

certificatesigningrequests.certificates.k8s.io is forbidden: User "xxxx" cannot list resource "certificatesigningrequests" in API group "certificates.k8s.io" at the cluster scope

Expected results:

The user should still be able to view nodes.

Additional info:

OSD-28173 - card for SRE tracking.

clones

OCPBUGS-50546 CSR permission should not be a hard requirement for viewing Node tab

ON_QA

is blocked by

OCPBUGS-50546 CSR permission should not be a hard requirement for viewing Node tab

ON_QA

links to

openshift/console#14787: [release-4.18] OCPBUGS-51149: Do not load CSRs if user does not have permissions

Assignee:: Jakub Hadvig

Reporter:: OpenShift Prow Bot

QA Contact:: YaDan Pei

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2025/02/21 10:28 AM

Updated:: 2025/02/21 10:28 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates