Uploaded image for project: 'OpenShift Hosted Control Plane'
  1. OpenShift Hosted Control Plane
  2. HOSTEDCP-938

Make Hypershift operator deployment PSA compliant

    XMLWordPrintable

Details

    • Story
    • Resolution: Done
    • Minor
    • None
    • None
    • None
    • None
    • Hypershift Sprint 233, Hypershift Sprint 234
    • 0
    • 0
    • 0

    Description

      The Hypershift operator deployment fails when we try to deploy it in the RootCI server which has the PSA enabled. So we need to make the hypershift operator deployment restricted PSA compliant

      Event:

      0s          Warning   FailedCreate        replicaset/operator-66cc5794c9       (combined from similar events): Error creating: pods "operator-66cc5794c9-k2sq7" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "operator" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "operator" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "operator" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") 

      Attachments

        Activity

          People

            jparrill@redhat.com Juan Manuel Parrilla Madrid
            jparrill@redhat.com Juan Manuel Parrilla Madrid
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: