[helm chart] fsGroup not a valid securityContext field #293
Comments
|
IIRC it is just inherited from upstream external-dns tutorials and we probably don't really need it @somaritane @kuritka @k0da thoughts? |
ytsarev
changed the title
ytsarev
added a commit
that referenced
this issue
Feb 28, 2021
* Respect recent api changed and Move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293
ytsarev
added a commit
that referenced
this issue
Feb 28, 2021
* Respect recent api changes and Move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
ytsarev
added a commit
that referenced
this issue
Feb 28, 2021
* Respect recent api changes and move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
Merged
ytsarev
added a commit
that referenced
this issue
Mar 1, 2021
* Respect recent api changes and move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
ytsarev
added a commit
that referenced
this issue
Mar 1, 2021
* Respect recent api changes and move most of securityContext to pod level, only readOnlyRootFilesystem is stayed on container one * Solves ``` Error: UPGRADE FAILED: error validating "": error validating data: ValidationError(Deployment.spec.template.spec.containers[0].securityContext): unknown field "fsGroup" in io.k8s.api.core.v1.SecurityContext ``` on eks reference deployment * Fixes #293 Signed-off-by: Yury Tsarev <yury.tsarev@absa.africa>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
this seems to be an invalid field: https://github.com/AbsaOSS/k8gb/blob/7c9e66221b8c74997da1b8a10a9df553879a4d42/chart/k8gb/templates/external-dns/external-dns-ns1.yaml#L47
based on https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#securitycontext-v1-core
perhaps it should have been
runAsGroupEither way I'd recommend setting this at the pod level https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core and making the values parametric as for example OCP is very specific about these kinds of things.
The text was updated successfully, but these errors were encountered: