-
Bug
-
Resolution: Done
-
Normal
-
None
-
4.19
-
Quality / Stability / Reliability
-
False
-
-
3
-
Critical
-
Yes
-
None
-
Rejected
-
Auth Feature Team - Sprint 273, Auth Feature Team - Sprint 274, Auth Feature Team - Sprint 275
-
3
-
In Progress
-
Release Note Not Required
-
N/A
-
None
-
None
-
None
-
None
Description of problem:
Testing in latest OCP env built with cluster-bot payload `build 4.19,openshift/cluster-authentication-operator#740`, the "Observe" navigation menu disappears for a cluster-admin after configuring OCP external OIDC.
But in the past in OCP external OIDC env, that menu did appear as https://issues.redhat.com/browse/OCPBUGS-45042?focusedId=26156328&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-26156328 screenshot showed.
So this is a regression issue.
Version-Release number of selected component (if applicable):
cluster-bot payload built today with: `build 4.19,openshift/cluster-authentication-operator#740`
How reproducible:
Always
Steps to Reproduce:
1. Launch a TechPreviewNoUpgrade standalone OCP cluster with above build. 2. Login to console with kubeadmin to visit "Observe" -> "Metrics". This succeeds. 3. Configure Entra ID external OIDC. 4. Grant cluster-admin to OIDC user 'oidc-user-test:xxia@redhat.com': $ oc adm policy add-cluster-role-to-user cluster-admin 'oidc-user-test:xxia@redhat.com' --context=admin Warning: User 'oidc-user-test:xxia@redhat.com' not found (a separate bug will be filed) clusterrole.rbac.authorization.k8s.io/cluster-admin added: "oidc-user-test:xxia@redhat.com" 5. Login to console with above OIDC user. The user can view other cluster-wide menu like "Operators" and "Administration". But the "Observe" menu does not exist! See screenshot https://drive.google.com/file/d/1sFo9Ioc4I00zZun2GhNbqZw1k5xvGcTT/view?usp=sharing .
Actual results:
As above.
Expected results:
The "Observe" menu should exist.
Additional info:
- links to