Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Minor
Fix Version/s: Logging 5.6.0
Affects Version/s: Logging 5.6.0
Component/s: Log Storage
Labels:

Blocked:
False
Blocked Reason:
None
Ready:
False
Docs QE Status:
NEW
QE Status:
VERIFIED

Sprint:
Log Storage - Sprint 226

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

PodSecurity violation Error while trying to install Loki Operator on OCP 4.12 from upstream repo.

FATA[0008] Failed to run bundle: create catalog: error creating registry pod: error creating pod: pods "quay-io-rhn-support-kbharti-loki-operator-bundle-v0-0-1" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "registry-grpc" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "registry-grpc" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "registry-grpc" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "registry-grpc" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") 
make: *** [Makefile:237: olm-deploy] Error 1

Steps to reproduce:
1) clone upsteam repo openshift/loki.
2) Run below cmd under under loki/operators.

make olm-deploy REGISTRY_ORG=<quay-account-name> VERSION=<version>

OCP version: 4.12

Installation works fine on OCP 4.11

depends on

OCPBUGS-1666 'run bundle'failed because of the request of PodSecurity

Closed

is cloned by

LOG-3201 Unable to install Elasticsearch operator from upstream repo on OCP 4.12

Closed

links to

grafana/loki#7449: operator: Upgrade operator-sdk to v1.24.1

Assignee:: Periklis Tsirakidis

Reporter:: Kabir Bharti

QA Contact:: Kabir Bharti

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2022/10/13 12:44 AM

Updated:: 2023/01/23 9:15 AM

Resolved:: 2022/10/19 5:28 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates