New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1826808: added endpoint to fetch duck typed knative event source crds #4945
Bug 1826808: added endpoint to fetch duck typed knative event source crds #4945
Conversation
/assign @spadgett |
2591466
to
388330a
Compare
a00f66e
to
b604805
Compare
/assign @christianvogt |
/assign @invincibleJai |
Verified locally and in-cluster mode in in-cluster mode
in off-cluster (localhost)
@abhi-kn Thanks , i was able to verify the changes |
It would be better if we could only return the group/version/kind in the response instead of the entire resource. That way we don't leak additional information about the CRD that you wouldn't otherwise be able to see. |
/kind feature |
9229c59
to
491dde0
Compare
Added |
@benjaminapetersen it might be good for you to look since you know go better |
916b400
to
e03c6f1
Compare
/retest |
1 similar comment
/retest |
@abhi-kn: This pull request references Bugzilla bug 1826808, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
61c7b18
to
d82b834
Compare
/retest |
2 similar comments
/retest |
/retest |
d82b834
to
a8aaf06
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
/lgtm
/bugzilla refresh |
@spadgett: This pull request references Bugzilla bug 1826808, which is valid. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhi-kn, jhadvig, spadgett, stlaz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Storage bool `json:"storage" protobuf:"varint,3,opt,name=storage"` | ||
} | ||
|
||
// EventSourceSpec describes how a user wants their resource to appear |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit, you could put the types
in a types.go
and the utils in a separate file, but not a big deal unless you keep adding to this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree. Hope its fine if I consider it in next change set!
@abhi-kn: All pull requests linked via external trackers have merged: openshift/console#4945. Bugzilla bug 1826808 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Fixes:
https://issues.redhat.com/browse/ODC-3398
Analysis / Root cause:
Need a new end point in console that specifically returns metadata for all knative event source CRDs. This shall allow an unprivileged user to access this information without read access to CRDs.
Solution Description:
Added an end point
/api/console/knative-event-sources
to fetch all duck typed event source CRDs. UpdatedResourceLister
handler to propagate response error status as is & also added aResponseFilter
function to filter any response before propagation.In order to allow an unprivileged user to get this information without read access to CRDs, new RBAC has been added in
console-operator
to authorise service account to list CRDs. Ref PR: openshift/console-operator#413Screen shots / Gifs for design review:
N/A
Unit test coverage report:
N/A
Test setup:
Need to build backend & console-operator to test above API
Note: In off-cluster mode, user token shall be used & hence user need to be authorised to verify this API. Whereas for in-cluster mode, service account shall be used & it has RBAC to authorise for unprivileged user.
Browser conformance:
N/A