-
Bug
-
Resolution: Done
-
Critical
-
RHODS_1.16.0_GA
-
False
-
None
-
False
-
-
Release Notes
-
No
-
-
-
-
-
-
1.17.0-9
-
No
-
-
Documented as Resolved Issue
-
No
-
Yes
-
None
-
RHODS 1.17
-
Important
Description of problem:
If cluster admin privileges are assign to a group instead of specific user the Dashboard does not recognize the users from that group as RHODS Admin.
Bug related to https://issues.redhat.com/browse/RHODS-2740
Prerequisites (if any, like setup, operators/versions):
Steps to Reproduce
- Assign cluster admin permission to an Openshift group
- Log in RHODS Dashboard using one of the users belonging to the group from point 1
- check if you have access to "Settings" section
- Assign cluster admin permission to a specific user rather than a group
- repeat point 2 and 3
Actual results:
- no RHODS admin access for cluster admin "group"
- RHODS admin access granted for cluster admin "user"
Expected results:
RHODS admin access granted for all the cluster admins
Reproducibility (Always/Intermittent/Only Once):
Always
Build Details:
RHODS v1.16
Workaround:
Assign cluster admin permissions using this kind of ClusterRoleBinding:
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: my-user-cluster-admin roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: User apiGroup: rbac.authorization.k8s.io name: my-user
Additional info:.
CRB for cluster admin "group"
kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: osd-cluster-admin labels: hive.openshift.io/managed: 'true' managedFields: - kind: Group apiGroup: rbac.authorization.k8s.io name: cluster-admins subjects: - kind: Group apiGroup: rbac.authorization.k8s.io name: my-user-group roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin
- duplicates
-
RHODS-5200 Are cluster-admins really automatically added as Data Science admins
- Closed
- is caused by
-
RHODS-2740 Admin UI for mapping RHODS groups
- Closed
- relates to
-
RHODS-5420 Cluster admin does not get RHODS Admin access if it's the only user in the cluster
- Closed