New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[helm chart] fsGroup not a valid securityContext field #293
Comments
IIRC it is just inherited from upstream external-dns tutorials and we probably don't really need it @somaritane @kuritka @k0da thoughts? |
ytsarev
changed the title
[helm chart] runAsGroup not a valid securityContext field
[helm chart] fsGroup not a valid securityContext field
Feb 28, 2021
ytsarev
added a commit
that referenced
this issue
Feb 28, 2021
* Respect recent api changed and Move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293
ytsarev
added a commit
that referenced
this issue
Feb 28, 2021
* Respect recent api changes and Move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
ytsarev
added a commit
that referenced
this issue
Feb 28, 2021
* Respect recent api changes and move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
Merged
ytsarev
added a commit
that referenced
this issue
Mar 1, 2021
* Respect recent api changes and move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
ytsarev
added a commit
that referenced
this issue
Mar 1, 2021
* Respect recent api changes and move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
this seems to be an invalid field: https://github.com/AbsaOSS/k8gb/blob/7c9e66221b8c74997da1b8a10a9df553879a4d42/chart/k8gb/templates/external-dns/external-dns-ns1.yaml#L47
based on https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#securitycontext-v1-core
perhaps it should have been
runAsGroup
Either way I'd recommend setting this at the pod level https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core and making the values parametric as for example OCP is very specific about these kinds of things.
The text was updated successfully, but these errors were encountered: