Bug: User in group doesn't get permission to resources in Kubernetes namespace, when the group permissions are updated

[mahesh-hegde]

📜 Description

This bug occurs once in a while randomly.

We have a fairly normal setup with bunch of groups which provide permissions to kubernetes namespaces.

When we add a new namespace to the group G, the user in Group G is not able to see the newly added namespace.

But when I go to users page, remove the user from said group G, and re-add to the group, the user is able to see the group again.

It appears like a caching related issue.

👟 Reproduction steps

Was not able to reproduce it reliably since it occurs pretty rarely, like once in a two weeks.

👍 Expected behavior

As soon as new kubernetes namespace access is added to the group, user belonging to the group should be able to access the resources in the namespace.

👎 Actual Behavior

The user is not seeing the namespace, until we remove them from the group and re-add to the group.

☸ Kubernetes version

v1.28.2

Cloud provider

Oracle Cloud (OCI)

🌍 Browser

Chrome

🧱 Your Environment

No

✅ Proposed Solution

This might have to do with the caching or permission update mechanisms. Not familiar with the inner workings of devtron, therefore cannot decide a proposed solution. :)

👀 Have you spent some time to check if this issue has been raised before?

• [X] I checked and didn't find any similar issue

🏢 Have you read the Code of Conduct?

• [X] I have read the Code of Conduct