New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Explicit pod security #1885
Explicit pod security #1885
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abutcher The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #1885 +/- ##
==========================================
+ Coverage 42.13% 42.25% +0.12%
==========================================
Files 366 366
Lines 33976 34057 +81
==========================================
+ Hits 14315 14390 +75
- Misses 18458 18461 +3
- Partials 1203 1206 +3
|
dc12fd8
to
a9791fa
Compare
/hold |
This reverts commit 86e486a.
Versions prior to 4.11 do not have a restricted SCC that allow setting seccompProfile.
be338b0
to
785e973
Compare
Rebased and cleaned up the namespace scraping a little bit. If we go this route, which I currently think we might, we may need to ensure that our PSA/UID settings jive with K8s or possibly skip configuring pod security if we're not on OpenShift. |
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
@abutcher: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Stale issues rot after 30d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle rotten |
Rotten issues close after 30d of inactivity. Reopen the issue by commenting /close |
@openshift-bot: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@dlom was going through some oldymoldy to-dos and came across this, related to https://issues.redhat.com/browse/HIVE-2023 [Later] Oh, I guess it was already linked :) |
This PR unreverts #1884 and removes
seccompProfile
settings from deployments. Versions prior to 4.11 do not have a restricted SCC that allows settingseccompProfile
.HIVE-2023