Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Explicit pod security #1885

Closed
wants to merge 8 commits into from
Closed

Explicit pod security #1885

wants to merge 8 commits into from

Conversation

abutcher
Copy link
Member

@abutcher abutcher commented Sep 21, 2022
edited

This PR unreverts #1884 and removes seccompProfile settings from deployments. Versions prior to 4.11 do not have a restricted SCC that allows setting seccompProfile.

HIVE-2023

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Sep 21, 2022

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abutcher

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 21, 2022
@codecov
Copy link

codecov bot commented Sep 21, 2022
edited

Codecov Report

Merging #1885 (785e973) into master (ef13b76) will increase coverage by 0.12%.
Report is 283 commits behind head on master.
The diff coverage is 92.77%.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1885      +/-   ##
==========================================
+ Coverage   42.13%   42.25%   +0.12%     
==========================================
  Files         366      366              
  Lines       33976    34057      +81     
==========================================
+ Hits        14315    14390      +75     
- Misses      18458    18461       +3     
- Partials     1203     1206       +3
Files Changed Coverage Δ
pkg/constants/constants.go 100.00% <ø> (ø)
pkg/operator/assets/bindata.go 0.00% <ø> (ø)
.../controller/clusterdeployment/clusterprovisions.go 61.70% <80.00%> (+0.40%) ⬆️
...lusterdeprovision/clusterdeprovision_controller.go 54.27% <80.00%> (+0.99%) ⬆️
.../clusterdeployment/clusterdeployment_controller.go 62.96% <83.33%> (+0.14%) ⬆️
pkg/controller/utils/utils.go 82.19% <100.00%> (+2.71%) ⬆️
pkg/imageset/generate.go 97.53% <100.00%> (+0.03%) ⬆️
pkg/install/generate.go 42.77% <100.00%> (+0.21%) ⬆️
pkg/test/assert/assertions.go 92.30% <100.00%> (+2.30%) ⬆️

@abutcher
Copy link
Member Author

/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 23, 2022
@abutcher
Copy link
Member Author

Rebased and cleaned up the namespace scraping a little bit. If we go this route, which I currently think we might, we may need to ensure that our PSA/UID settings jive with K8s or possibly skip configuring pod security if we're not on OpenShift.

@openshift-merge-robot
Copy link
Contributor

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 18, 2023
@openshift-bot
Copy link

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci openshift-ci bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 20, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Aug 15, 2023

@abutcher: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/periodic-images 785e973 link true /test periodic-images
ci/prow/images 785e973 link true /test images

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@openshift-bot
Copy link

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

@openshift-ci openshift-ci bot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Sep 15, 2023
@openshift-bot
Copy link

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

@openshift-ci openshift-ci bot closed this Oct 15, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 15, 2023

@openshift-bot: Closed this PR.

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@2uasimojo
Copy link
Member

2uasimojo commented May 2, 2024
edited

@dlom was going through some oldymoldy to-dos and came across this, related to https://issues.redhat.com/browse/HIVE-2023

[Later] Oh, I guess it was already linked :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@2uasimojo 2uasimojo Awaiting requested review from 2uasimojo

@dlom dlom Awaiting requested review from dlom

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@abutcher @openshift-merge-robot @openshift-bot @2uasimojo