Dashboard: 1.6.1 broke being able to view pods without access to secrets

Created on 26 May 2017  路  1Comment  路  Source: kubernetes/dashboard
Environment
Dashboard version: 1.6.1
Kubernetes version: 1.6.4
Operating system:
Node.js version:
Go version:
Steps to reproduce

Give access to the dashboard service account that does not include get/list secrets.

Try to view a pod

Observed result

User "system:serviceaccount:kube-system:kube-dashboard" cannot list secrets in the namespace "default". (get secrets)

Expected result

I can view the pod just as I did in 1.6.0

Comments

Giving access to list secrets also means anyone can view all the secret values if they simply open up the network tab. This is a huge issue for us and basically renders the dashboard unusable.

kinbug
Source
picture jhorwit2

Most helpful comment

Linking to #1976 as solution for both issues is the same. We have to gracefully handle and hide resources in such cases.

picture floreks on 29 May 2017
👍2

>All comments

Linking to #1976 as solution for both issues is the same. We have to gracefully handle and hide resources in such cases.

floreks picture floreks on 29 May 2017
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

maciaszczykm picture maciaszczykm  路  3Comments
MichaelJCole picture MichaelJCole  路  5Comments
kasunsjc picture kasunsjc  路  3Comments
eloyekunle picture eloyekunle  路  3Comments
mxey picture mxey  路  3Comments