search

solo-io / gloo-portal-issues

Public tracker for issues related to Gloo Portal
https://docs.solo.io/gloo-portal/latest/
1 stars 3 forks source link

Portal VS creation fails on OpenShift due to missing permission #90

Closed jameshbarton closed 3 years ago

jameshbarton commented 3 years ago

Describe the bug When running Gloo Portal on OpenShift in Gloo Edge mode, the gloo-portal-controller deployment is unable to generate the Portal's VirtualService due to RBAC constraints.

To Reproduce Create a basic portal setup (e.g. APIDoc, APIProduct, Routes, etc.) and check the logs of the gloo-portal-controller deployment See this error:

"msg":"failed upserting resource","resource":"petstore-portal.gloo-fed..*v1.VirtualService","status_update":false,"err":"virtualservices.gateway.solo.io \"petstore-portal\" is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on: , <nil>","stacktrace":"github.com/solo-io/skv2/contrib/pkg/output.Snapshot.syncList\n\t/home/runner/go/pkg/mod/github.com/solo-io/skv2@v0.17.18/contrib/pkg/output/snapshot.go:275\ngithub.com/solo-io/skv2/contrib/pkg/output.Snapshot.SyncLocalCluster\n\t/home/runner/go/pkg/mod/github.com/solo-io/skv2@v0.17.18/contrib/pkg/output/snapshot.go:225\ngithub.com/solo-io/dev-portal/pkg/api/gloo.solo.io/output.(*snapshot).ApplyLocalCluster\n\t/home/runner/work/dev-portal/dev-portal/pkg/api/gloo.solo.io/output/snapshot.go:194\ngithub.com/solo-io/dev-portal/pkg/routing/gateway/edge/portal.(*glooPortalRouter).EnsurePortalRoutes\n\t/home/runner/work/dev-portal/dev-portal/pkg/...
{"level":"error","ts":1628022141.7713253,"logger":"gloo_portal","msg":"failed upserting resource","resource":"petstore-portal.gloo-fed..*v1.VirtualService","status_update":false,"err":"virtualservices.gateway.solo.io \"petstore-portal\" is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on: , <nil>","stacktrace":"github.com/solo-io/skv2/contrib/pkg/output.Snapshot.syncList\n\t/home/runner/go/pkg/mod/github.com/solo-io/skv2@v0.17.18/contrib/pkg/output/snapshot.go:275\ngithub.com/solo-io/skv2/contrib/pkg/output.Snapshot.SyncLocalCluster\n\t/home/runner/go/pkg/mod/github.com/solo-io/skv2@v0.17.18/contrib/pkg/output/snapshot.go:225\ngithub.com/solo-io/dev-portal/pkg/api/gloo.solo.io/output.(*snapshot).ApplyLocalCluster\n\t/home/runner/work/dev-portal/dev-portal/pkg/api/gloo.solo.io/output/snapshot.go:194\ngithub.com/solo-io/dev-portal/pkg/routing/gateway/edge/portal.(*glooPortalRouter).EnsurePortalRoutes\n\t/home/runner/work/dev-portal/dev-portal/pkg/...

Fix Notes https://github.com/solo-io/dev-portal/blob/main/install/helm/gloo-portal/templates/rbac.yaml#L11 Add below line 11 this entry: - portals/finalizers

Expected behavior VS should be created successfully

Additional context

marcogschmidt commented 3 years ago

This issue has been addressed and will be released with Gloo Portal v1.0.2 and v1.1.0-beta3.