Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Minor
Fix Version/s: None
Affects Version/s: Logging 5.6.0
Component/s: Log Storage
Labels:
- devel_ack+

Blocked:
False
Blocked Reason:
None
Ready:
False
Docs QE Status:
NEW
QE Status:
VERIFIED

Sprint:
Log Storage - Sprint 226

SFDC Cases Links:
SFDC Cases Counter:

PodSecurity violation Error while trying to install Loki Operator on OCP 4.12 from upstream repo.

FATA[0008] Failed to run bundle: create catalog: error creating registry pod: error creating pod: pods "quay-io-rhn-support-kbharti-loki-operator-bundle-v0-0-1" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "registry-grpc" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "registry-grpc" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "registry-grpc" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "registry-grpc" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") 
make: *** [Makefile:237: olm-deploy] Error 1

Steps to reproduce:
1) clone upsteam repo openshift/loki.
2) Run below cmd under under loki/operators.

make olm-deploy REGISTRY_ORG=<quay-account-name> VERSION=<version>

OCP version: 4.12

Installation works fine on OCP 4.11

clones

LOG-3201 Unable to install Elasticsearch operator from upstream repo on OCP 4.12

Closed

links to

openshift/elasticsearch-operator#951: [release-5.5] Upgrade operator-sdk to v1.24.1

mentioned on

Merge request - Updated US source to: 1320c8c Merge pull request #951 from periklis/operator-sdk-v1.24.1-on-5.5

Assignee:: Periklis Tsirakidis

Reporter:: Kabir Bharti

QA Contact:: Kabir Bharti

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2022/10/18 5:24 PM

Updated:: 2022/11/28 3:50 AM

Resolved:: 2022/10/20 11:54 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates