Closed juadk closed 5 months ago
I think the issue is that the issue is elemental-admin role does not see the elemental-operator deployment.
@aalves08 I have been thinking a bit more regarding that and I was wondering about the UI test to verify elemental-operator
is actually installed. IIRC this was done by checking the existence of certain CRD. Can you confirm that? which CRD is actually verified?
I was wondering, what if we try to annotate such a CRD to include the elemental-operator version?
In addition, then we could even use that at helm chart level to prevent a mismatch between the version of the crds chart with the deployment chart.
@aalves08 I have been thinking a bit more regarding that and I was wondering about the UI test to verify
elemental-operator
is actually installed. IIRC this was done by checking the existence of certain CRD. Can you confirm that? which CRD is actually verified? I was wondering, what if we try to annotate such a CRD to include the elemental-operator version? In addition, then we could even use that at helm chart level to prevent a mismatch between the version of the crds chart with the deployment chart.
the resource is catalog.cattle.io.app
, we check for the existance of an installed app here with the id elemental-operator
. We combine that with also the existance of a schema for an Elemental resource (ex: machine inventories). The goal is to match install + permissions.
But the problem is the same... If a user doesn't have access to that cluster (99% of the times it's the local
one) we cannot definitively assert the installation and/or access is correct.
I've had another idea (non-hacky imo), but I've asked Neil to give his opinion on it before I present it to you guys.
Apart from that I can only come up with a couple of very hacky solutions which, imo, shouldn't be considered so that we don't introduce a bad pattern for the future 💦 😓
We are probably missing a read permission on that resource for the elemental administrator globalrole
, I will try to add it locally and see if I can reproduce this.
All is good from my side, the user account is enabled back here https://github.com/rancher/elemental/pull/1412
Description
Standard user with elemental admin role does not see the expected default cloud-config file:
instead of:
There is no issue if you use the admin account. Probably introduced by https://github.com/rancher/elemental-ui/pull/169
Env
Rancher:
2.8.3
Elemental dev UI:1.3.1-rc4
Elemental operator:1.6.0