Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin Pod Security Admission enforce version to a specific version while cutting a release to the kube version in use #2827

Closed
anik120 opened this issue Aug 2, 2022 · 0 comments · Fixed by #2831
Closed

Pin Pod Security Admission enforce version to a specific version while cutting a release to the kube version in use #2827

anik120 opened this issue Aug 2, 2022 · 0 comments · Fixed by #2831
Assignees
@anik120
Labels
kind/bug Categorizes issue or PR as related to a bug. release-blocker
Milestone
0.22.0

Comments

@anik120
Copy link
Contributor

anik120 commented Aug 2, 2022

Bug Report

What did you do?
A clear and concise description of the steps you took (or insert a code snippet).

The enforce version for PSA is latest in https://github.com/operator-framework/operator-lifecycle-manager/blob/master/deploy/chart/templates/0000_50_olm_00-namespace.yaml

What did you expect to see?
A clear and concise description of what you expected to happen (or insert a code snippet).

That should be pinned to a specific kube version while cutting a release. Release scripts should be modified to update the enforce version to a specific kube version.
@anik120 anik120 added kind/bug Categorizes issue or PR as related to a bug. release-blocker labels Aug 2, 2022
@anik120 anik120 added this to the 0.22.0 milestone Aug 2, 2022
@anik120 anik120 self-assigned this Aug 2, 2022
@camilamacedo86 camilamacedo86 mentioned this issue Aug 2, 2022
Merged
11 tasks
anik120 added a commit to anik120/operator-lifecycle-manager that referenced this issue Aug 4, 2022
@anik120
(manifests): populate pod security configs dynamically
351e2ca 
This PR:
* introduces a chart value that decides if the --set-workload-user-id flag to true
or false for the catalog-operator container
* introduces chart values to fill in the psa enforce level/version for the namespaces
Closes operator-framework#2827
anik120 added a commit to anik120/operator-lifecycle-manager that referenced this issue Aug 4, 2022
@anik120
(manifests): populate pod security configs dynamically
6b3a238 
This PR:
* introduces a chart value that decides if the --set-workload-user-id flag to true
or false for the catalog-operator container
* introduces chart values to fill in the psa enforce level/version for the namespaces
Closes operator-framework#2827

Signed-off-by: Anik Bhattacharjee <anikbhattacharya93@gmail.com>
@anik120 anik120 mentioned this issue Aug 4, 2022
Merged
11 tasks
anik120 added a commit to anik120/operator-lifecycle-manager that referenced this issue Aug 4, 2022
@anik120
(manifests): populate pod security configs dynamically
25aa520 
This PR:
* introduces a chart value that decides if the --set-workload-user-id flag to true
or false for the catalog-operator container
* introduces chart values to fill in the psa enforce level/version for the namespaces
Closes operator-framework#2827

Signed-off-by: Anik Bhattacharjee <anikbhattacharya93@gmail.com>
anik120 added a commit to anik120/operator-lifecycle-manager that referenced this issue Aug 5, 2022
@anik120
(manifests): populate pod security configs dynamically
48861b7 
This PR:
* introduces a chart value that decides if the --set-workload-user-id flag to true
or false for the catalog-operator container
* introduces chart values to fill in the psa enforce level/version for the namespaces
Closes operator-framework#2827

Signed-off-by: Anik Bhattacharjee <anikbhattacharya93@gmail.com>
anik120 added a commit to anik120/operator-lifecycle-manager that referenced this issue Aug 8, 2022
@anik120
(manifests): populate pod security configs dynamically
2bf96e2 
This PR:
* introduces a chart value that decides if the --set-workload-user-id flag to true
or false for the catalog-operator container
* introduces chart values to fill in the psa enforce level/version for the namespaces
Closes operator-framework#2827

Signed-off-by: Anik Bhattacharjee <anikbhattacharya93@gmail.com>
openshift-merge-robot pushed a commit that referenced this issue Aug 8, 2022
@anik120
(manifests): populate pod security configs dynamically (#2831)
f982e2f 
This PR:
* introduces a chart value that decides if the --set-workload-user-id flag to true
or false for the catalog-operator container
* introduces chart values to fill in the psa enforce level/version for the namespaces
Closes #2827

Signed-off-by: Anik Bhattacharjee <anikbhattacharya93@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anik120 anik120

Labels
kind/bug Categorizes issue or PR as related to a bug. release-blocker
Projects
None yet
Milestone
0.22.0
Development

Successfully merging a pull request may close this issue.

(manifests): populate pod security configs dynamically anik120/operator-lifecycle-manager
1 participant
@anik120