Steps to recreate:

1. When logged into the platform hub with an admin account, select 'Announcements' -> 'New'
2. Fill in all fields, but leave the bottom section entirely blank (labelled and announcements can be delivered outside of the hub), so that it doesn't send email / slack notifications.
3. Hit 'Create' to fire off the announcement
4. View the announcement in the 'Announcements' tab

Expected Behaviour:
The 'Status' field should say something along the lines of 'delivered' / 'not_applicable' / 'viewable'. Maybe even drop off the 'Deliver to' field or put a similar message.

Actual Behaviour:

Deliver to:
Status: awaiting_delivery

Not sure if this is potentially adding additional load with any background jobs picking up things in awaiting_delivery state and trying to process them?

As a user
I want to filter on the list of RBAC Groups created in the Platform Hub
So that I can see which have no allocations and perform some housekeeping

Filter capabilities will be a larger piece of work to implement I suspect, and will be beneficial (for ease of use) in a lot of locations such as:

• Projects
• Services
• User / Robot Tokens
• RBAC Groups (for other attributes such as services / clusters they are assigned to)

As a user
I want to download a fully functional kubeconfig file for my given user token on a project
So that I don't need to manually retrieve the API url and CA content and build the config myself

Related issue: https://github.com/UKHomeOffice/application-container-platform-board/issues/680
Partial PR: #164

when a Project has a name with spaces in it, this results in generated commands in the kubectl config helper UI being broken due to the spaces.
eg.:

Set up the credentials:
kubectl config set-credentials [email protected]_acp-test_ACP Test Team --token=a1b2c3-...etc
Set up the context:
kubectl config set-context acp-test_ACP Test Team --cluster=acp-test [email protected]_acp-test_ACP Test Team
Now you can access the cluster:
kubectl --context=acp-test_ACP Test Team --namespace=<namespace> get pods

suggestions:

1. quote the user and context name in all cases
2. replace spaces with another valid non whitespace character on command generation
3. backend/frontend validate input of Project names to make spaces invalid

it's impossible to add/remove other token groups manually when user have active escalated privilege. This is due to the fact that privileged groups aren't allowed when updating manually but I suspect form still pushes those when submitted.

In the Platform Hub Users list (https://<hub-url>/users), it would be great if we could see a list of projects a user is assigned to, and maybe some search / filtering capabilities... ;)

First off, awesome project! Everything here has been designed and integrated very well and it's been nice to see it progress to this stage.

Essentially, to break down my request, the current implementation of the hub has a great number of very useful functionalities (e.g. to name a few announcements, kubernetes tokens, cost reporting, ...). These are definitely needed to keep up with the barrage of requests however, I'm unsure if they should be part of the core logic of the hub.

It's always seemed like the kubernetes and container approach was to keep pods functions unary. Adding to the existing platform is a good way to build a monolith which should be avoided. So my proposal is to integrate plugins into the platform instead. This would mean extra services, which are not core to the platform, can be managed as their own products and therefore can be versioned as such and have there own repos/deployments.

A client and server rpc module (similar to how kubelet works with docker, cni and other components via grpc) is worth thinking about and would keep stability within the calls and extend the underlining cluster nicely. Please let me know on any confusion (probably needs a bit more clarity) and I can add some more information below.

When you have several scrolling pages worth of projects to view, it's not a great user experience for someone who just wants to get to their own project.

Feature Request (one or the other):

• Pin projects that a user is a member of, to the top of the list
  • Maybe with a label or something to signify you are part of it
  • Or a separate tab for your own projects and full project list
• Only show Projects that a user is a member of in the list

Please may I have sysdig access?
email: [email protected]

Currently:

Support requests can be created by any logged in users. If they have a GitHub identity associated already then the support request issue created (on GitHub) will contain their GitHub username, and thus allow them to receive notifications. If not, then we use their hub user email address in the resultant GitHub issue.

Proposal:

After discussions with @oyelekci – we propose limiting support requests to only those users that have connected up their GitHub identity to the hub.

From a UX perspective, this means when someone lands on the support requests index page and does not have their GitHub identity connected up, then we should guide them to the the Connected Identities page to do so (and explain why they can't submit requests just yet).

Looking at the code we always add an empty option for select fields (non- multiple), even if they are required. This always someone to submit an empty value, even though it may be required.

Design question: what becomes the pre-selected option? The first one? Configurable?

If a user has no name set, they are correctly prompted to add this information, but they are then presented with an error when returned to platform hub. Logging in again then works as expected.

Announcement templates allow you to add an optional form field. Currently you have two outcomes with such a setup.

1. Form field {{potato}} is filled in with SOMETEXT:

Bacon ipsum dolor amet salami bresaola: SOMETEXT

2. Form field {{potato}} is left blank (it leaves the variable reference in when the field is empty):

Bacon ipsum dolor amet salami bresaola: {{potato}}

Suggest adding in capability to parse if blocks like mustache templating supports:

{{#potato}}
    Optional field filled in: {{potato}}
{{/potato}}
{{^potato}}
    End of announcement.
{{/potato}}

Description: When creating an announcement template with optional/required fields, if you attempt to preview the template whilst leaving the form fields blank it causes the page to be in an endless loading phase (and fails to show the preview).

Steps to recreate:

1. Login to Platform Hub as an administrator
2. Navigate to Announcement Templates in the left navigation bar
3. Select NEW in the top right to create a template
4. Fill in all the required sections as normal
5. Select the ADD NEW FIELD button and specify a field with any type, leaving the required box unticked (with the select field, it can break both ways if you tick as required or leave optional)
6. Select the OPEN PREVIEWER button at the bottom
7. Leave the field empty and press the PREVIEW button

Expected results:

• Required Field: The form should prevent you from submitting until a value has been specified
• Optional Field: The announcement template should be rendered successfully

Actual results:
The loading attribute is added to the popup element eternally, and nothing renders. The console shows the following javascript error:

angular.js:14199 Error: "data" argument not specified or empty
    at Object.previewAnnouncementTemplate (hub-api.service.js:422)
    at exports.AnnouncementTemplatePreviewPopupController.preview (announcement-template-preview-popup.controller.js:35)
    at fn (eval at compile (angular.js:15126), <anonymous>:4:271)
    at expensiveCheckFn (angular.js:16213)
    at callback (angular.js:26592)
    at Scope.$eval (angular.js:17994)
    at Scope.$apply (angular.js:18094)
    at HTMLButtonElement.<anonymous> (angular.js:26597)
    at defaultHandlerWrapper (angular.js:3546)
    at HTMLButtonElement.eventHandler (angular.js:3534)

Currently Kubernetes Clusters are displayed in the order of creation time. With a growing list of clusters this can become less user-friendly to view and manage. It would be good to have all cluster lists in the Platform Hub sorted in alphabetical order.

I've identified the following locations where this sort would take place:

• Connected Identities -> Kubernetes Show Tokens (normal user view)
• Kubernetes Token Sync (admin view)
• Kubernetes Clusters (admin view)
• Kubernetes User Tokens (admin view, search for user and add tokens for user)
• Kubernetes Robot Tokens (admin view, cluster list)

Additional:

• For robot tokens, maybe sort the robot user list in alphabetical order also

Similarly to how you can view all robot tokens generated for a Cluster (/kubernetes/robot-tokens/list/<cluster-name>), it would be useful to be able to see which users currently have tokens generated for a Kubernetes Cluster.

Steps to recreate:

1. Login to the Platform Hub with an account that has administrator privileges
2. Navigate to /feature-flags/edit
3. Drag toggle on/off or press the active/disabled buttons for any of the features a few times

Expected response:
On every toggle, the corresponding feature flag should be enabled or disabled accordingly

Actual response:
Intermittently when toggling the feature flag, the change doesn't apply successfully and the feature visually stays at its existing state. However, I can see a POST request is made to api/feature_flags/projects with the correct values and a 200 response code. On a manual page refresh I can see that the settings were updated correctly, so this is just a display issue. The following JS log is also output:

[Violation] Added non-passive event listener to a scroll-blocking 'touchmove' event. Consider marking event handler as 'passive' to make the page more responsive.

This was tested on both Google Chrome and Safari. Would be a low priority issue considering it still works mostly, just a little rendering issue.

Steps to recreate:
Navigate to Kubernetes User Tokens => Input own or someone's name

Expected Behaviour:
Show a list of all of the selected user's kubernetes tokens

Actual Behaviour:
Shows:
x does not have any kubernetes access tokens yet. You can generate a new token for them

Screenshot:

As an admin if I create a new support request template with user scope set blank occasionally this request can not be viewed by the user. This bug seems intermittent but an example is 'Request for a kubernetes user token' which currently can't be view by none admin users.

Steps to recreate:

1. Navigate to Projects => Kube User Tokens => Select a user
2. Click Create a new Kubernetes User Token for this user
3. Select a Cluster and RBAC Groups (or leave the groups empty) and create the token
4. Go to Kubernetes Token Sync in the left menu and select the Cluster from above

Expected Behaviour:
I should see some context on the changes made that need to be synced.

Actual Behaviour:
I see a change has been made, but the Description is empty and there's no information on what was done.

Screenshot:

Steps to recreate:

1. Login to the Platform Hub
2. Navigate to a project that you have administrative control over: https://[HUB-URL]/projects/detail/[PROJECT-NAME]
3. Start typing a user's email address

Expected Behaviour:

• When typing the user's email address, the drop-down will show the related user with matching address

Actual Behaviour:

• When typing . as part of the email / username, the form automatically submits and immediately redirects you to the homepage. Responses below:

Request URI: /api/users/search/bob@?include_deactivated=false
Response Code: 200 OK
Response Message: []

Request URI: /api/users/search/bob.bobberson?include_deactivated=false
Response Code: 404 Not Found