orlakwahr
commented
2 years ago well I just removed everything. then added again and corrected template-namespaced-resources___developer before adding user - now all works.
Closed orlakwahr closed 1 year ago
orlakwahr
commented
2 years ago well I just removed everything. then added again and corrected template-namespaced-resources___developer before adding user - now all works.
hi.
after adding a user was getting kubectl exec -i -t -n thenamespace core-api-redis-master-0 -c redis "--" sh -c "(bash)" Error from server (Forbidden): pods "core-api-redis-master-0" is forbidden: User "system:serviceaccount:permission-manager:theuser" cannot create resource "pods/exec" in API group "" in the namespace "thenamespace"
did an edit clusterrole template-namespaced-resources___developer to add to rules-resourses: -pods/exec -pods/log
that works. then on web interface unable to list users. with Users ...loading
and in permission-manager pod: 2022/04/14 14:13:41 Failed to get users from k8s CRUD apiunknown method=GET, uri=/api/list-users, status=500 method=GET, uri=/api/rbac, status=200 method=GET, uri=/api/list-namespace, status=200
also can not access the user directly /users/theuser
2022/04/14 14:31:15 Failed to get users from k8s CRUD apiunknown method=GET, uri=/users/logo192.png, status=200 method=GET, uri=/users/theuser, status=200 2022/04/14 14:31:19 Failed to get users from k8s CRUD apiunknown
but kubectl get permissionmanagerusers NAME AGE permissionmanagerusers.permissionmanager.user.theuser 166m
any pointers how to fix that? thanks