Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-2451

conflict between multiple users application export

XMLWordPrintable

      Description of problem:

      Prerequisites (if any, like setup, operators/versions):

      login to console with 2 separate users with access to the same namespace

      With admin user ensure that each user has the ability to export an app:

       

      kind: ClusterRole
      apiVersion: rbac.authorization.k8s.io/v1
      metadata:
        name: primer-export
      rules:
        - verbs:
            - create
            - delete
            - get
            - list
          apiGroups:
            - primer.gitops.io
          resources:
            - exports
      

      eg Role binding for the `consoledeveloper`

       

      kind: ClusterRoleBinding
      apiVersion: rbac.authorization.k8s.io/v1
      metadata:
        name: consoledeveloper-export-primer
      subjects:
        - kind: User
          apiGroup: rbac.authorization.k8s.io
          name: consoledeveloper
      roleRef:
        apiGroup: rbac.authorization.k8s.io
        kind: ClusterRole
        name: primer-export
      

       

      Steps to Reproduce

      1. create a namespace
      2. create an application (eg deploy openshift/hello-openshift
      3. go to topology
      4. with user1 export the application
      5. with user2 go to the same namespace and attempt to export the application
      6. Observe
        user2 cannot export because an export is already in progress
        user2's export may differ from user1 due to differences in rbac
      7. wait for user1's export to complete and the toast to appear, do not close the toast
      8. with user2 start an export
      9. with user1 try to download 
      10. Observe
        download fails because starting user2's export results in the deletion of user1's export

       

      Reproducibility (Always/Intermittent/Only Once):

      always

      Build Details:

      4.9.0-0.nightly-2021-08-23-224104

      Additional info:

            sdoyle@redhat.com Serena Nichols
            christianvogt Christian Vogt
            Sanket Pathak Sanket Pathak
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: