The workspace controller terminates the workspace pod if the Install RPC method fails, to avoid leaving the pod in an undefined state. Unfortunately, this masks authz errors, because Install is the first call that is made. Usability would improve if the controller didn't discard the pod in that situation, accomplished either by special-casing the error handling or by calling the WhoAmI RPC method firstly.
cleverguy25
commented
2 weeks ago
The workspace controller terminates the workspace pod if the
InstallRPC method fails, to avoid leaving the pod in an undefined state. Unfortunately, this masks authz errors, becauseInstallis the first call that is made. Usability would improve if the controller didn't discard the pod in that situation, accomplished either by special-casing the error handling or by calling theWhoAmIRPC method firstly.