dashboard icon indicating copy to clipboard operation
dashboard copied to clipboard
verified publisher icon rancher

Integrate Project-scoped secrets into the existing Secrets page

Open nwmac opened this issue 10 months ago • 2 comments

See: https://github.com/rancher/dashboard/issues/13245 for the issue from backend.

This issue represents the concrete UI work that needs to be done.

List

We'll need to create a new list page for the secret resource and add a tab view at the top:

Image

The Namespaced tab will show the same data as the existing Secrets page shows.

The Project Scoped tab will show the same data in a table, but these will only show secrets that are in projects (i.e. the namespaces for projects). The 'Namespace' column will obviously show 'Project' instead (this should show the project name)

NOTE: The tabs should only show if the user has access to the Project schema - otherwise, the page should present as it currently does.

Create

The behaviour of the create button will change depending on which tab is selected.

If the Namespaced tab is selected, the behaviour will be as it is today.

if the Project Scoped tab is selected, the create page will create a project-scoped secret. In this case, the Create page is identical, but the Namespace selector is replaced by a Project selector.

When the create page is creating a project-scoped secret, it should show a banner or description explaining what a project-scoped secret is with a link to documentation, if there is one.

nwmac avatar Mar 12 '25 16:03 nwmac

@nwmac

  • I've asked some follow-up questions on the issue from the backend, the important note is that while creating the secret by using kubectl works as expected, creating it through the UI and setting the project name(e.g. p-someid) as the namespace doesn't work. The secret doesn't propagated to all the namespaces within that project, I believe this is a blocker
  • I've added validation for the name and namespace/project fields, but we need to add validation for all the required fields for all types of secrets too(e.g. registry url for the registry type secret), let me know if I should work on it as part of this ticket

The test coverage will be added once I have all the answers

momesgin avatar Apr 10 '25 16:04 momesgin

Not sure what the project bot did here (automation vs. manual?) but putting to QA if there's nothing to review here.

gaktive avatar Jun 27 '25 15:06 gaktive

Validated in Rancher v2.12-0d5e9dc2323c35d68fdaffbb7a1907f2b844a4b8-head Dashboard master https://github.com/rancher/dashboard/commit/8dd014174f26975fadecce2f383f177529078fae Rancher CLI v2.12.0-rc.1

1- The Namespaced shows the same data as the old Secrets page shows. 2- The Project Scoped tab will show the same data in a table. The 'Namespace' column is showing 'Project' instead of Namespace 3- For an user with no access to Projects, both Namespaces and Project Scoped Secrets are not displayed.

Image Image

I'm reopening the issue due to 4- When the create page is for a project-scoped secret, there's no banner or description explaining what a project-scoped secret is with a link to documentation, as required in the issue scope.

IsaSih avatar Jul 01 '25 19:07 IsaSih

The workflow of creating Project Scoped Secrets/ Secrets by Namespace is being verified in #13245

IsaSih avatar Jul 01 '25 19:07 IsaSih

Moving out of Review. Will need to check the project board workflow here since this popped back over to development.

gaktive avatar Jul 03 '25 13:07 gaktive

The project board workflow is behaving strangely. But I reopened the issue and no fix was addressed yet, so I'm reopening again

IsaSih avatar Jul 05 '25 20:07 IsaSih

Syncing state with epic - blocked on https://github.com/rancher/dashboard/issues/13245#issuecomment-3048179269

richard-cox avatar Jul 09 '25 07:07 richard-cox

I'll address all my findings in #13245. Closing this issue

IsaSih avatar Jul 22 '25 22:07 IsaSih