You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
And you check the "Cover all projects" option, along with selecting the Repository [Pull] action, the expected behavior is that the Robot account should be able to perform all the specified actions across all projects.
However, the actual behavior you are observing is that the Robot account is not able to perform the selected actions as expected :
{"errors":[{"code":"DENIED","message":"permission scope is invalid. It must be equal to or more restrictive than the creator robot's permissions: robot$crossplane"}]}
Expected behavior and actual behavior:
When you have a Robot account system with the following permissions:
Project [Create, List]
Robot Account [Create, Delete, List, Read]
And you check the "Cover all projects" option, along with selecting the Repository [Pull] action, the expected behavior is that the Robot account should be able to perform all the specified actions across all projects.
However, the actual behavior you are observing is that the Robot account is not able to perform the selected actions as expected :
{"errors":[{"code":"DENIED","message":"permission scope is invalid. It must be equal to or more restrictive than the creator robot's permissions: robot$crossplane"}]}
Steps to reproduce the problem:
curl -k -X 'POST' 'https:///api/v2.0/robots' -u 'robot$crossplane:' -H 'Content-Type: application/json' -d '{"name": "puller","description": "puller","level": "system","duration": -1,"permissions": [{"kind": "project","namespace": "dev","access":[{"resource": "repository","action": "pull"}]}]}'
Versions:
Please specify the versions of the following systems:
Additional context:
The text was updated successfully, but these errors were encountered: