Uploaded image for project: 'Knative Serving'
  1. Knative Serving
  2. SRVKS-237

Any `all` operation with `oc` as a regular user causes throws errors

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • TP1
    • v0.7.0
    • QA
    • None
    • Serverless Sprint 172

      With knative serving installed on an OCP4.1 cluster if I do any operator that involves all in a project as regular user it complains.

       

      Here is an example 

       

      ```
      $ oc delete all -l template=mongodb-ephemeral-template
      replicationcontroller "mongodb-1" deleted
      service "mongodb" deleted
      deploymentconfig.apps.openshift.io
      "mongodb" deleted
      Error from server (Forbidden): podautoscalers.autoscaling.internal.knative.dev is forbidden: User "veer" cannot list resource "podautoscalers" in API group "autoscaling.internal.knative.dev" in the namespace "demo"
      Error from server (Forbidden): images.caching.internal.knative.dev is forbidden: User "veer" cannot list resource "images" in API group "caching.internal.knative.dev" in the namespace "demo"
      Error from server (Forbidden): certificates.networking.internal.knative.dev is forbidden: User "veer" cannot list resource "certificates" in API group "networking.internal.knative.dev" in the namespace "demo"
      Error from server (Forbidden): serverlessservices.networking.internal.knative.dev is forbidden: User "veer" cannot list resource "serverlessservices" in API group "networking.internal.knative.dev" in the namespace "demo"
      Error from server (Forbidden): clusteringresses.networking.internal.knative.dev is forbidden: User "veer" cannot list resource "clusteringresses" in API group "networking.internal.knative.dev" at the cluster scope
      Error from server (Forbidden): ingresses.networking.internal.knative.dev is forbidden: User "veer" cannot list resource "ingresses" in API group "networking.internal.knative.dev" in the namespace "demo"
      Error from server (Forbidden): configurations.serving.knative.dev is forbidden: User "veer" cannot list resource "configurations" in API group "serving.knative.dev" in the namespace "demo"
      Error from server (Forbidden): routes.serving.knative.dev is forbidden: User "veer" cannot list resource "routes" in API group "serving.knative.dev" in the namespace "demo"
      Error from server (Forbidden): services.serving.knative.dev is forbidden: User "veer" cannot list resource "services" in API group "serving.knative.dev" in the namespace "demo"
      Error from server (Forbidden): revisions.serving.knative.dev is forbidden: User "veer" cannot list resource "revisions" in API group "serving.knative.dev" in the namespace "demo"
      Error from server (Forbidden): clustertasks.tekton.dev is forbidden: User "veer" cannot list resource "clustertasks" in API group "tekton.dev" at the cluster scope
      ```

      No such issues if you are a user with `cluster-admin` role.

              rhn-support-afield Alan Field
              vmuchand Veer Muchandi (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: