WebShared: Update how request checkout handles kube resource related errors #48168
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
kimlisa
added
no-changelog
rudream
approved these changes
Oct 30, 2024
...ckages/shared/components/AccessRequests/NewRequest/RequestCheckout/RequestCheckout.story.tsx
Show resolved
Hide resolved
| isResourceRequest={true} | ||
| fetchResourceRequestRolesAttempt={{ | ||
| status: 'failed', | ||
| statusText: `your Teleport role's "request.kubernetes_resources" field did not allow requesting to some or all of the requested Kubernetes resources. allowed kinds for each requestable roles: test-role-1: [deployment]`, |
There was a problem hiding this comment.
Suggested change
| statusText: `your Teleport role's "request.kubernetes_resources" field did not allow requesting to some or all of the requested Kubernetes resources. allowed kinds for each requestable roles: test-role-1: [deployment]`, | |
| statusText: `your Teleport role's "request.kubernetes_resources" field did not allow requesting to some or all of the requested Kubernetes resources. Allowed kinds for each requestable roles: test-role-1: [deployment]`, |
There was a problem hiding this comment.
this is a backend error and i was told in one of my backend PRs that error messages are not capitalized...
kimlisa
commented
Oct 31, 2024
There was a problem hiding this comment.
i had to remove the required checking b/c theres now no clear way to tell if it's required or not.
eg: one role can enforce namespaces only, another role can enforce pods only. it'll be confusing to assume that all kube_cluster resources selected has access to namespaces and mark it required (letting user try to create request and backend return an error is better)
kimlisa
force-pushed
the
lisa/update-web-ui
branch
2 times, most recently
from
0bea852
to
81d06e9
Compare
flyinghermit
approved these changes
Oct 31, 2024
| @@ -144,7 +143,7 @@ export function KubeNamespaceSelector({ | |||
| return ( | |||
| <Box width="100%" mb={-3}> | |||
| <StyledSelect | |||
| label={`Namespaces${namespaceRequired ? ' (required)' : ''}:`} | |||
| label={`Namespaces:`} | |||
Comment on lines
48
to
51
| * Parses error messsage (in an expected format) to see if | ||
| * in the message it's a type of request.kubernetes_resources | ||
| * related error, then check if namespace or kube_cluster is mentioned | ||
| * in the "allowed kinds" portion of the error message. |
There was a problem hiding this comment.
Suggested change
| * Parses error messsage (in an expected format) to see if | |
| * in the message it's a type of request.kubernetes_resources | |
| * related error, then check if namespace or kube_cluster is mentioned | |
| * in the "allowed kinds" portion of the error message. | |
| * Parses error message (in an expected format returned from the backend) to see if | |
| * the message is a type of request.kubernetes_resources (link backend code or add error sample below) related error. | |
| * If error matches, it then checks if namespace or kube_cluster is mentioned | |
| * in the "allowed kinds" portion of the error message. |
Comment on lines
+65
to
+71
| if ( | ||
| errMsg.includes('request.kubernetes_resources') && | ||
| errMsg.includes('allowed kinds') | ||
| ) { | ||
| let splitMsgParts = []; | ||
| if (errMsg.includes('requested roles: ')) { | ||
| splitMsgParts = errMsg.split('requested roles: '); | ||
| } else if (errMsg.includes('requestable roles: ')) { | ||
| splitMsgParts = errMsg.split('requestable roles: '); |
There was a problem hiding this comment.
This is really brutal way to guess error type. Not suggesting we change anything here but someday, we should come up with error codes that can be meaningfully shared amongst backend and frontend.
r0mant
approved these changes
Oct 31, 2024
public-teleport-github-review-bot
bot
removed the request for review
from ravicious
kimlisa
force-pushed
the
lisa/update-web-ui
branch
from
81d06e9
to
b24b5fa
Compare
ravicious
reviewed
Nov 4, 2024
| @@ -316,14 +315,14 @@ export function RequestCheckout<T extends PendingListItem>({ | |||
| > | |||
| tsh request search | |||
| </ExternalLink>{' '} | |||
| command that will help you construct the request. | |||
There was a problem hiding this comment.
I think it should still say "command" no?
There was a problem hiding this comment.
oh what the.... i have minor UX's stuff i need to address, so i'll add it back
kimlisa
added a commit
that referenced
this pull request
Nov 5, 2024
…errors (#48168) * WebShared: Update how request checkout handles kube resource related errors * Fix bug where after create/cancel, specifiable fields were retained * Remove single toggler for kube resources * Address CR
github-merge-queue bot
pushed a commit
that referenced
this pull request
Nov 5, 2024
…ces during access requests (#48413) * Web: add support for requesting for kube namespaces (#47345) * Teleterm: add support for access requesting kube namespaces (#47347) * WebShared: Update how request checkout handles kube resource related errors (#48168) * WebShared: Update how request checkout handles kube resource related errors * Fix bug where after create/cancel, specifiable fields were retained * Remove single toggler for kube resources * Address CR * Update snaps * Backport fixes - teleport version v16 and less uses react select version 3 which required to add manual support for initially fetching namespaces on select dropdown - hover tooltip design diffs - field select design diffs
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
part of #46742
The backend error messaging has changed, so this PR just updates how the web UI processes that error.
It also fixes a subtle bug where, after a request was created (or when user cancels the request), the specifiable fields (eg: suggested reviewers and especially the selected resource roles) were retained, so when user tries to create a new checkout, the
resource rolesfetch can fail, and the followingdry runfetch referred to the previous requests values of selected roles, which resulted in incorrect error message referring to the wrong roles.Screenshots:
with tooltip, if the error message gets long (happens with wildcard expanded into all kinds supported):
without tooltip (reasonably short error message)
