Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-4726

Quay 3.8.0 no audit logs when superuser trigger and cancel build under normal user's namespace with superuser full access enabled

XMLWordPrintable

    • 0

      Description:

      This is an issue of Quay 3.8.0 new feature "superuser full access", after enabled flag "FEATURE_SUPERUSERS_FULL_ACCESS: true", superuser can trigger and cancel build under normal user's namespace, but these operations can not be audited in the usage logs of normal user's organization. Pls review this issue.

      Expected Deliverable: "any superuser action on tenant content can be audited"

      Quay Image: quay-operator-bundle-container-v3.8.0-115

      Superuser trigger the build under normal user's namespace:

      Superuser cancel the build under normal user's namespace:

      Check the usage logs:

      The usage logs of normal user's organization:

        1. image-2022-11-09-16-10-17-968.png
          172 kB
          luffy zhang
        2. image-2022-11-09-16-13-09-190.png
          236 kB
          luffy zhang
        3. image-2022-11-09-16-18-14-634.png
          358 kB
          luffy zhang
        4. Screenshot from 2023-01-12 12-49-24.png
          179 kB
          Weihua Hu
        5. Screenshot from 2023-02-09 18-06-58.png
          155 kB
          Weihua Hu

            sleesinc Kenny Lee Sin Cheong
            lzha1981 luffy zhang
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: