From 08626993020e89b579e286e7ef3786c189df3cf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Va=C5=A1ek?= Date: Mon, 25 May 2026 22:11:58 +0200 Subject: [PATCH] Revert "fix: add FSGroup to Tekton PipelineRun podTemplate for s390x/ppc64le support (#3665)" This reverts commit 9ba518e33a83982c8807aafc7b6df7adb3b8fece. --- pkg/pipelines/tekton/templates_pack.go | 10 ---- pkg/pipelines/tekton/templates_s2i.go | 10 ---- pkg/pipelines/tekton/templates_test.go | 81 -------------------------- 3 files changed, 101 deletions(-) diff --git a/pkg/pipelines/tekton/templates_pack.go b/pkg/pipelines/tekton/templates_pack.go index 5d6b7859e5..d4e73dc4b7 100644 --- a/pkg/pipelines/tekton/templates_pack.go +++ b/pkg/pipelines/tekton/templates_pack.go @@ -125,11 +125,6 @@ spec: value: "{{.Commit}}" pipelineRef: name: {{.PipelineName}} - podTemplate: - securityContext: - runAsUser: 1001 - runAsGroup: 0 - fsGroup: 1002 workspaces: - name: source-workspace persistentVolumeClaim: @@ -190,11 +185,6 @@ spec: {{end}} pipelineRef: name: {{.PipelineName}} - podTemplate: - securityContext: - runAsUser: 1001 - runAsGroup: 0 - fsGroup: 1002 workspaces: - name: source-workspace persistentVolumeClaim: diff --git a/pkg/pipelines/tekton/templates_s2i.go b/pkg/pipelines/tekton/templates_s2i.go index 4063add270..8eb5ccd7a0 100644 --- a/pkg/pipelines/tekton/templates_s2i.go +++ b/pkg/pipelines/tekton/templates_s2i.go @@ -136,11 +136,6 @@ spec: value: "{{.Commit}}" pipelineRef: name: {{.PipelineName}} - podTemplate: - securityContext: - runAsUser: 1001 - runAsGroup: 0 - fsGroup: 1002 workspaces: - name: source-workspace persistentVolumeClaim: @@ -208,11 +203,6 @@ spec: value: {{.TlsVerify}} pipelineRef: name: {{.PipelineName}} - podTemplate: - securityContext: - runAsUser: 1001 - runAsGroup: 0 - fsGroup: 1002 workspaces: - name: source-workspace persistentVolumeClaim: diff --git a/pkg/pipelines/tekton/templates_test.go b/pkg/pipelines/tekton/templates_test.go index 6624540d45..14cfcfb292 100644 --- a/pkg/pipelines/tekton/templates_test.go +++ b/pkg/pipelines/tekton/templates_test.go @@ -1,9 +1,7 @@ package tekton import ( - "os" "path/filepath" - "strings" "testing" "github.com/manifestival/manifestival" @@ -324,82 +322,3 @@ func Test_createAndApplyPipelineRunTemplate(t *testing.T) { }) } } - -func Test_PipelineRunHasPodTemplateSecurityContext(t *testing.T) { - tests := []struct { - name string - root string - builder string - runtime string - }{ - { - name: "pack builder with quarkus", - root: "testdata/testCreatePipelinePackQuarkus", - builder: builders.Pack, - runtime: "quarkus", - }, - { - name: "s2i builder with quarkus", - root: "testdata/testCreatePipelineS2IQuarkus", - builder: builders.S2I, - runtime: "quarkus", - }, - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - root := tt.root + "Run" - defer Using(t, root)() - - f, err := fn.NewFunction(root) - if err != nil { - t.Fatal(err) - } - - f.Build.Builder = tt.builder - f.Runtime = tt.runtime - f.Image = "docker.io/alice/" + f.Name - f.Registry = TestRegistry - - // Create the PipelineRun template - err = createPipelineRunTemplatePAC(f, make(map[string]string)) - if err != nil { - t.Fatalf("createPipelineRunTemplatePAC() error = %v", err) - } - - // Read the generated file and verify it contains podTemplate with securityContext - fp := filepath.Join(root, resourcesDirectory, pipelineRunFilenamePAC) - content, err := os.ReadFile(fp) - if err != nil { - t.Fatalf("failed to read generated PipelineRun: %v", err) - } - - contentStr := string(content) - - // Verify podTemplate is present - if !strings.Contains(contentStr, "podTemplate:") { - t.Error("podTemplate not found in generated PipelineRun") - } - - // Verify securityContext is present - if !strings.Contains(contentStr, "securityContext:") { - t.Error("securityContext not found in podTemplate") - } - - // Verify fsGroup is set - if !strings.Contains(contentStr, "fsGroup: 1002") { - t.Error("fsGroup not set to 1002 in securityContext") - } - - // Verify runAsUser is set - if !strings.Contains(contentStr, "runAsUser: 1001") { - t.Error("runAsUser not set to 1001 in securityContext") - } - - // Verify runAsGroup is set - if !strings.Contains(contentStr, "runAsGroup: 0") { - t.Error("runAsGroup not set to 0 in securityContext") - } - }) - } -}