Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Openshift connector and Che: openshift user should be logged automatically with the Openshift user. #15261

Closed
sunix opened this issue Nov 20, 2019 · 11 comments
Closed

Openshift connector and Che: openshift user should be logged automatically with the Openshift user. #15261

sunix opened this issue Nov 20, 2019 · 11 comments
Assignees
@vinokurig
Labels
kind/enhancement A feature request - must adhere to the feature request template. severity/P1 Has a major impact to usage or development of the system. status/in-progress This issue has been taken by an engineer and is under active development.
Milestone
7.12

Comments

@sunix
Copy link
Contributor

sunix commented Nov 20, 2019
edited
Loading

Is your enhancement related to a problem? Please describe.

Having

  • a workspace that use the openshift connector plugin
  • a Che server running on Openshift v4.2 and OpenShift oAuth activated

When a user is opening the openshift connector panel, he is connected as his openshift user. and see (without any project)
Selection_461

Describe the solution you'd like

When a user is opening the openshift connector panel, he should be connected as his openshift user. and not have to login with his credential or token
@sunix sunix added the kind/enhancement A feature request - must adhere to the feature request template. label Nov 20, 2019
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Nov 20, 2019
@tsmaeder tsmaeder added the status/info-needed More information is needed before the issue can move into the “analyzing” state for engineering. label Nov 21, 2019
@tsmaeder
Copy link
Contributor

Not sure I understand this one correctly: What I understand is this:

  1. When opening the connector panel, the cluster that Che is running on is displayed per default
  2. Your expectation is that the user is already logged into that cluster as the same user he uses to log into Che?

@tsmaeder
Copy link
Contributor

@sunix this seems upstream behaviour, right?

@sunix
Copy link
Contributor Author

sunix commented Nov 21, 2019

Not sure I understand this one correctly: What I understand is this:

  1. When opening the connector panel, the cluster that Che is running on is displayed per default
  2. Your expectation is that the user is already logged into that cluster as the same user he uses to log into Che?

yes

@sunix this seems upstream behaviour, right?

not an upstream issue.

@slemeur slemeur mentioned this issue Nov 25, 2019
Closed
14 tasks
@azatsarynnyy
Copy link
Member

OpenShift Connector plugin is connected to a cluster as Che service account. ATM I don't see how we can connect plugin automatically as OpenShift user.

Improving a kubeconfig injection with chectl could make the UX is a bit better. See #14877

@l0rd
Copy link
Contributor

l0rd commented Nov 27, 2019

@azatsarynnyy a couple of comments:

  1. When we inject the context using chectl the OpenShift Connector plugin will use that context (and not the workspace serviceaccount) to connect to the cluster right?
  2. When Che is deployed on OpenShift in multi-user mode and OpenShift OAuth enabled we should inject the OpenShift context of the current Che user at workspace startup (no need to use chectl)

@l0rd
Copy link
Contributor

l0rd commented Nov 27, 2019

Hence for me #14877 and this one are distinct issues:

And this issue is probably the most critical one. But if for technical reasons solving #14877 helps solve this one let's start with #14877. Does that make sense?

@benoitf benoitf removed the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Nov 27, 2019
@sunix sunix removed their assignment Nov 27, 2019
@vparfonov vparfonov added this to the Backlog - IDE 1 milestone Nov 27, 2019
@azatsarynnyy
Copy link
Member

azatsarynnyy commented Nov 28, 2019
edited
Loading

@azatsarynnyy a couple of comments:

When we inject the context using chectl the OpenShift Connector plugin will use that context (and not the workspace serviceaccount) to connect to the cluster right?

right

When Che is deployed on OpenShift in multi-user mode and OpenShift OAuth enabled we should inject the OpenShift context of the current Che user at workspace startup (no need to use chectl)

@l0rd where we can get the OpenShift context of the current Che user in that case? Is that information stored somewhere?

@slemeur slemeur mentioned this issue Dec 2, 2019
Closed
@slemeur slemeur mentioned this issue Dec 12, 2019
Closed
3 tasks
@ericwill ericwill mentioned this issue Dec 17, 2019
Closed
15 tasks
@ericwill ericwill mentioned this issue Jan 8, 2020
Closed
16 tasks
@vinokurig vinokurig self-assigned this Jan 9, 2020
@vinokurig
Copy link
Contributor

vinokurig commented Jan 13, 2020
edited
Loading

Depends on #15670

@vinokurig vinokurig added the status/blocked Issue that can’t be moved forward. Must include a comment on the reason for the blockage. label Jan 13, 2020
@azatsarynnyy azatsarynnyy removed their assignment Jan 13, 2020
@ericwill ericwill mentioned this issue Jan 28, 2020
Closed
12 tasks
@ericwill ericwill mentioned this issue Feb 19, 2020
Closed
21 tasks
@vinokurig vinokurig added status/in-progress This issue has been taken by an engineer and is under active development. and removed status/info-needed More information is needed before the issue can move into the “analyzing” state for engineering. labels Mar 4, 2020
@vinokurig vinokurig mentioned this issue Mar 4, 2020
Merged
@vinokurig vinokurig removed the status/blocked Issue that can’t be moved forward. Must include a comment on the reason for the blockage. label Mar 4, 2020
@ericwill ericwill mentioned this issue Mar 12, 2020
Closed
50 tasks
This was referenced Mar 13, 2020
Merged
Closed
@vinokurig vinokurig mentioned this issue Mar 30, 2020
Merged
@ericwill ericwill mentioned this issue Apr 1, 2020
Closed
47 tasks
@vinokurig vinokurig mentioned this issue Apr 6, 2020
Merged
@sunix
Copy link
Contributor Author

sunix commented Apr 10, 2020

@ericwill @vinokurig any update on this one ? what is the status ?

@sunix sunix added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Apr 10, 2020
@vinokurig
Copy link
Contributor

It is almost done, waiting for che-incubator/che-theia-openshift-auth#1 and eclipse-che/che-plugin-registry#419 to be reviewed

@vparfonov vparfonov removed the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Apr 13, 2020
@nickboldt nickboldt modified the milestones: Backlog - IDE 1, 7.12 Apr 14, 2020
@dmytro-ndp dmytro-ndp added the severity/P1 Has a major impact to usage or development of the system. label Apr 14, 2020
@dmytro-ndp
Copy link
Contributor

dmytro-ndp commented Apr 14, 2020
edited
Loading

The issue is quite important for downstream project CRW, and it would be nice to have it fixed in CRW 2.2.

@vinokurig vinokurig mentioned this issue Apr 23, 2020
Closed
5 tasks
@sunix sunix mentioned this issue May 14, 2020
Closed
@sunix sunix mentioned this issue Aug 12, 2020
Closed
22 tasks
@l0rd l0rd mentioned this issue Nov 16, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vinokurig vinokurig

Labels
kind/enhancement A feature request - must adhere to the feature request template. severity/P1 Has a major impact to usage or development of the system. status/in-progress This issue has been taken by an engineer and is under active development.
Projects
None yet
Milestone
7.12
Development

No branches or pull requests
10 participants
@nickboldt @benoitf @l0rd @sunix @dmytro-ndp @azatsarynnyy @vparfonov @vinokurig @tsmaeder @che-bot