Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Run the cassandra schema job as a non-root user by default #3043

Merged
merged 2 commits into from Jun 4, 2021
Merged

Run the cassandra schema job as a non-root user by default #3043

merged 2 commits into from Jun 4, 2021

Conversation

chgl
Copy link
Contributor

@chgl chgl commented May 30, 2021

Which problem is this PR solving?

By default, the cassandra schema job runs as a root user. This doesn't work on clusters with restrictive security policies. Although I did create jaegertracing/jaeger-operator#1167 in the past, I think it's more convenient to have this change directly within the schema job and have a more secure default.

Short description of the changes

Adds a new user nonroot to the schema image and sets this as the default user.

@chgl
run cassandra schema job as a non-root user by default
eedf9ea 
Signed-off-by: chgl <chgl@users.noreply.github.com>
@chgl chgl requested a review from a team as a code owner May 30, 2021 21:07
@chgl chgl requested a review from pavolloffay May 30, 2021 21:07
@codecov
Copy link

codecov bot commented May 30, 2021
edited

Codecov Report

Merging #3043 (e492cb0) into master (394ec23) will decrease coverage by 0.02%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #3043      +/-   ##
==========================================
- Coverage   96.00%   95.98%   -0.03%     
==========================================
  Files         229      229              
  Lines        9937     9937              
==========================================
- Hits         9540     9538       -2     
- Misses        328      329       +1     
- Partials       69       70       +1
Impacted Files Coverage Δ
cmd/query/app/static_handler.go 95.16% <0.00%> (-1.62%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 394ec23...e492cb0. Read the comment docs.

@jpkrohling jpkrohling merged commit 2687983 into jaegertracing:master Jun 4, 2021
@chgl chgl deleted the run-cassandra-job-as-non-root branch June 4, 2021 12:02
@jpkrohling jpkrohling added this to the Release 1.23.0 milestone Jun 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yurishkuro yurishkuro yurishkuro left review comments

@jpkrohling jpkrohling jpkrohling approved these changes

@pavolloffay pavolloffay pavolloffay approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release 1.23.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@chgl @jpkrohling @yurishkuro @pavolloffay