-
Bug
-
Resolution: Done
-
Minor
-
None
-
Logging 5.6.0
-
False
-
None
-
False
-
NEW
-
VERIFIED
-
Log Storage - Sprint 226
PodSecurity violation Error while trying to install Loki Operator on OCP 4.12 from upstream repo.
FATA[0008] Failed to run bundle: create catalog: error creating registry pod: error creating pod: pods "quay-io-rhn-support-kbharti-loki-operator-bundle-v0-0-1" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "registry-grpc" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "registry-grpc" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "registry-grpc" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "registry-grpc" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") make: *** [Makefile:237: olm-deploy] Error 1
Steps to reproduce:
1) clone upsteam repo openshift/loki.
2) Run below cmd under under loki/operators.
make olm-deploy REGISTRY_ORG=<quay-account-name> VERSION=<version>
OCP version: 4.12
Installation works fine on OCP 4.11
- clones
-
LOG-3201 Unable to install Elasticsearch operator from upstream repo on OCP 4.12
- Closed
- links to
- mentioned on