I updated from v3.15.8 to v3.17.2 over the weekend and today our developers are seeing the following message when trying to open a library variable set:
You do not have permission to perform this action. Please contact your Octopus administrator. Missing permission: VariableView
This action requires permission to view variables belonging to a project or library variable set. At least one of your teams has this permission in a limited scope, but this doesn’t cover the project or environment in question.
This variable set contains items scoped to various environments, roles, etc.
I found this change that was implemented in v3.17.1 which I believe is why we’re seeing the issue:
https://github.com/OctopusDeploy/Issues/issues/3591
I’m still a bit confused though as our Developers belong to the following groups:
- A custom role (scoped to all projects & environments), with LibraryVariableSetView, VariableView, VariableViewUnscoped, etc.
- Project Lead/Project Deployer/Project Initiator (scoped to Development and Training Environments and six project groups)
- An all-IT group, that gives them Project Viewer role to six project groups (not scoped to environment)
I feel like #1 above should be all that they would need to view library variable sets and I’m not sure what I’m missing.
Thanks,
Nick