Skip to content

Don't call openstackcreds per cluster to get tenant name#2057

Open
spai-p9 wants to merge 3 commits into
mainfrom
private/main/ui-tenant-fix
Open

Don't call openstackcreds per cluster to get tenant name#2057
spai-p9 wants to merge 3 commits into
mainfrom
private/main/ui-tenant-fix

Conversation

@spai-p9

@spai-p9 spai-p9 commented Jun 29, 2026

Copy link
Copy Markdown
Collaborator

What this PR does / why we need it

This PR adds the change instead of calling every openstackcreds to get tenant. get list of openstackcreds before hand and get tenant name from in memory objectl.

Which issue(s) this PR fixes

(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged)

fixes #2053.

Special notes for your reviewer

Testing done

please add testing details (logs, screenshots, etc.)


Open in Devin Review

@devin-ai-integration devin-ai-integration Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Devin Review found 2 potential issues.

Open in Devin Review

Comment thread ui/src/features/migration/hooks/useClusterData.ts
Comment on lines +132 to +137
const projectNameByCred = new Map<string, string>(
(openstackCredsList || []).map((cred: OpenstackCreds) => [
cred.metadata.name,
cred.spec?.projectName || ''
])
)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚩 Behavioral change: individual per-credential error isolation is removed

Beyond the reported bug (Promise.all rejection), there's a subtler behavioral difference even in the success path. The old code fetched each credential individually, so if one credential resource was deleted or corrupted mid-request, only that one cluster's tenant name would be blank. The new code fetches the entire list at once, so a single malformed item in the API response could potentially cause the entire list parse to fail. In practice, since this is a Kubernetes list API that returns well-structured JSON, this is unlikely. However, if the credentials list is paginated or truncated by the API server (e.g., due to continue tokens on very large lists), some credentials might be missing from the lookup map, silently resulting in empty tenant names. The getOpenstackCredentialsList function at openstackCreds.ts:6-12 does not handle pagination (continue token in GetOpenstackCredsListMetadata), so at scale this could lead to incomplete data.

Open in Devin Review

Was this helpful? React with 👍 or 👎 to provide feedback.

@spai-p9 spai-p9 force-pushed the private/main/ui-tenant-fix branch from 1d8e0e5 to 0e00571 Compare June 29, 2026 07:11
@github-actions

Copy link
Copy Markdown
Contributor

✅ Security Vulnerability Summary

No change in security posture

📊 Overall Changes

Metric Count
Total Added 0
Total Fixed 0
Net Change 0

🔍 Detailed Breakdown

📦 Gosec (Static Analysis)

Current Baseline Added Fixed Method
0 0 0 0 artifact

📦 Trivy (Dependency Scan)

Current Baseline Added Fixed Method
86 86 0 0 artifact

📋 Baseline Methods

  • 📦 artifact: Used stored report from main branch
  • 🔄 live_scan: Scanned base branch in real-time
  • ⚠️ no_baseline: No baseline available (all vulnerabilities treated as new)

Only HIGH and CRITICAL severity vulnerabilities are tracked
Baseline: ad0d7ab4b641bb1e5198f3f9f3b60bb4de966772

@github-actions

Copy link
Copy Markdown
Contributor

✅ Security Vulnerability Summary

No change in security posture

📊 Overall Changes

Metric Count
Total Added 0
Total Fixed 0
Net Change 0

🔍 Detailed Breakdown

📦 Gosec (Static Analysis)

Current Baseline Added Fixed Method
0 0 0 0 artifact

📦 Trivy (Dependency Scan)

Current Baseline Added Fixed Method
86 86 0 0 artifact

📋 Baseline Methods

  • 📦 artifact: Used stored report from main branch
  • 🔄 live_scan: Scanned base branch in real-time
  • ⚠️ no_baseline: No baseline available (all vulnerabilities treated as new)

Only HIGH and CRITICAL severity vulnerabilities are tracked
Baseline: ad0d7ab4b641bb1e5198f3f9f3b60bb4de966772

@github-actions

Copy link
Copy Markdown
Contributor

✅ Security Vulnerability Summary

No change in security posture

📊 Overall Changes

Metric Count
Total Added 0
Total Fixed 0
Net Change 0

🔍 Detailed Breakdown

📦 Gosec (Static Analysis)

Current Baseline Added Fixed Method
0 0 0 0 artifact

📦 Trivy (Dependency Scan)

Current Baseline Added Fixed Method
86 86 0 0 artifact

📋 Baseline Methods

  • 📦 artifact: Used stored report from main branch
  • 🔄 live_scan: Scanned base branch in real-time
  • ⚠️ no_baseline: No baseline available (all vulnerabilities treated as new)

Only HIGH and CRITICAL severity vulnerabilities are tracked
Baseline: ad0d7ab4b641bb1e5198f3f9f3b60bb4de966772

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Inconsistent tenant name in cluster mapping UI

1 participant