fix: apply authorization policy in user namespace to allow istio traffic #356

NohaIhab · 2023-10-24T09:37:55Z

closes canonical/notebook-operators#311 and #355

Testing

deploy charmed kubeflow latest/edge
refresh the kfp-profile-controller charm to the one from this PR

juju refresh kfp-profile-controller --channel=latest/edge/pr-356

log in to the dashboard and create a namespace
check AuthorizationPolicy objects in the user's namespace, expect 2 objects:

kubectl get authorizationpolicies.security.istio.io -n admin
NAME                            AGE
ns-owner-access-istio-charmed   15s
ns-owner-access-istio           12s

create a notebook and verify there are no 403 logs from the jupyter-controller container
create a data passing pipeline and verify that you can download artifacts from pipeline steps

NohaIhab · 2023-10-25T10:18:59Z

closing in favour of #360 to point to branch 1.8-updates-dev-branch

fix: apply authorization policy with relaxed rule

38d194f

NohaIhab requested a review from a team as a code owner October 24, 2023 09:37

fix: link PR in comment

3e8e71e

github-actions bot added Libraries: Out of sync Libraries: OK and removed Libraries: Out of sync Libraries: OK labels Oct 24, 2023

NohaIhab closed this Oct 25, 2023

NohaIhab deleted the fix-apply-authorization-policy branch October 25, 2023 14:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: apply authorization policy in user namespace to allow istio traffic #356

fix: apply authorization policy in user namespace to allow istio traffic #356

NohaIhab commented Oct 24, 2023 •

edited

Loading

NohaIhab commented Oct 25, 2023

fix: apply authorization policy in user namespace to allow istio traffic #356

fix: apply authorization policy in user namespace to allow istio traffic #356

Conversation

NohaIhab commented Oct 24, 2023 • edited Loading

Testing

NohaIhab commented Oct 25, 2023

NohaIhab commented Oct 24, 2023 •

edited

Loading