-
Story
-
Resolution: Done
-
Normal
-
None
-
None
-
BU Product Work
-
8
-
False
-
False
-
OCPSTRAT-201 - Enable sharing ConfigMaps and Secrets across namespaces [GA]
-
-
Sprint 219, Sprint 220, Sprint 221, Sprint 222, Sprint 223
User Story
As a developer using SharedSecrets and ConfigMaps
I want to ensure all pods set readOnly; true on admission
So that I don't have pods stuck in the "Pending" state because of a bad volume mount
Acceptance Criteria
- Pods which reference the Shared Resource CSI driver must set readOnly: true on admission.
- If readOnly: true is not set, or is set to false, the pod should not be created.
- Appropriate testing in place to verify behavior
QE Impact
QE will need to verify the new Pod Admission behavior
Docs Impact
Docs will need to ensure that readOnly: true is required and must be set to true.
PX Impact
None.
- is blocked by
-
BUILD-405 Install Shared Resource CSIDriver Webhook with Cluster Storage Operator
- Closed
-
BUILD-406 Enhancement Proposal - Validating Webhook for Shared Resource CSI Driver
- Closed
- is documented by
-
RHDEVDOCS-4338 Shared Resources: Require readOnly: true on Pod Admission
- Closed
- links to
(1 links to)