feat: Add securityContext support at container level in helm chart templates by lekaf974 · Pull Request #3704 · volcano-sh/volcano

lekaf974 · 2024-09-02T14:52:57Z

hwdef

Should securityContext be added to scheduler and controller, and support setting different securityConetxt for admission, scheduler and controller?

Monokaix · 2024-09-03T11:48:15Z

Should securityContext be added to scheduler and controller, and support setting different securityConetxt for admission, scheduler and controller?

+1
The original issue mentioned that controller and scheduler also need csc: )

lekaf974 · 2024-09-04T01:52:17Z

Perfect will add changes for the scheduler

lekaf974 · 2024-09-04T01:57:41Z

I split csc with a value for admission and another for scheduler

googs1025 · 2024-09-05T01:24:06Z

ci may fail. We are trying to fix it in this PR. Sorry for the inconvenience. :)

Monokaix · 2024-09-05T01:24:59Z

installer/helm/chart/volcano/values.yaml

+#   runAsUser: 2000
+  admission_default_csc: ~
+
+# Specify container security context for scheduler


We can put these admission_default_csc: ~ and scheduler_default_csc: ~ together.

You mean using the same definition for both ?

forgot about it, I saw how other fields were made so I'll follow the same behavior

Ok, and please also squash it to one commit.

Monokaix · 2024-09-05T01:25:21Z

controller is also needed: )

lekaf974 · 2024-09-05T01:54:33Z

ci may fail. We are trying to fix it in this PR. Sorry for the inconvenience. :)

something similar to #3708

lekaf974 · 2024-09-05T01:54:52Z

controller is also needed: )

Done

Monokaix · 2024-09-05T08:21:15Z

Please also squash it to one commit: )

lekaf974 · 2024-09-06T21:00:26Z

Please also squash it to one commit: )

Done

…mplates Security context added on: - admission deployment - admission-init job - scheduler deployment - controller deployment Signed-off-by: mevrin <matthieu.evrin@gmail.com>

hwdef

/lgtm

Monokaix · 2024-09-10T11:52:21Z

/approve

volcano-sh-bot · 2024-09-10T11:52:28Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Monokaix

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [Monokaix]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

volcano-sh-bot requested review from shinytang6 and william-wang September 2, 2024 14:53

volcano-sh-bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Sep 2, 2024

lekaf974 marked this pull request as draft September 2, 2024 14:54

lekaf974 marked this pull request as ready for review September 2, 2024 15:20

hwdef reviewed Sep 3, 2024

View reviewed changes

lekaf974 force-pushed the feat/add-security-context-helm-charts branch 2 times, most recently from f947809 to d5000e3 Compare September 5, 2024 00:27

Monokaix reviewed Sep 5, 2024

View reviewed changes

lekaf974 force-pushed the feat/add-security-context-helm-charts branch from 8c01eb0 to 83bba02 Compare September 6, 2024 21:00

lekaf974 force-pushed the feat/add-security-context-helm-charts branch from 83bba02 to 65c4a7a Compare September 6, 2024 21:13

feat: Add securityContext support at container level in helm chart te…

28c7a24

…mplates Security context added on: - admission deployment - admission-init job - scheduler deployment - controller deployment Signed-off-by: mevrin <matthieu.evrin@gmail.com>

lekaf974 force-pushed the feat/add-security-context-helm-charts branch from 65c4a7a to 28c7a24 Compare September 9, 2024 01:49

hwdef reviewed Sep 9, 2024

View reviewed changes

volcano-sh-bot assigned hwdef Sep 9, 2024

volcano-sh-bot added the lgtm Indicates that a PR is ready to be merged. label Sep 9, 2024

lekaf974 requested a review from Monokaix September 9, 2024 11:42

volcano-sh-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 10, 2024

volcano-sh-bot merged commit fb61314 into volcano-sh:master Sep 10, 2024

Conversation

lekaf974 commented Sep 2, 2024

Uh oh!

hwdef left a comment

Choose a reason for hiding this comment

Uh oh!

Monokaix commented Sep 3, 2024

Uh oh!

lekaf974 commented Sep 4, 2024

Uh oh!

lekaf974 commented Sep 4, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

googs1025 commented Sep 5, 2024

Uh oh!

Monokaix Sep 5, 2024

Choose a reason for hiding this comment

Uh oh!

lekaf974 Sep 5, 2024

Choose a reason for hiding this comment

Uh oh!

lekaf974 Sep 5, 2024

Choose a reason for hiding this comment

Uh oh!

lekaf974 Sep 5, 2024

Choose a reason for hiding this comment

Uh oh!

Monokaix Sep 5, 2024

Choose a reason for hiding this comment

Uh oh!

Monokaix commented Sep 5, 2024

Uh oh!

lekaf974 commented Sep 5, 2024

Uh oh!

lekaf974 commented Sep 5, 2024

Uh oh!

Monokaix commented Sep 5, 2024

Uh oh!

lekaf974 commented Sep 6, 2024

Uh oh!

hwdef left a comment

Choose a reason for hiding this comment

Uh oh!

Monokaix commented Sep 10, 2024

Uh oh!

volcano-sh-bot commented Sep 10, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

lekaf974 commented Sep 4, 2024 •

edited

Loading