Uploaded image for project: 'OpenShift API for Data Protection'
  1. OpenShift API for Data Protection
  2. OADP-1313

Remove creation/usage of velero-privileged SCC

XMLWordPrintable

    • False
    • False
    • oadp-operator-container-1.1.2-6 , oadp-operator-bundle-container-1.1.2-8
    • ToDo
    • 0
    • 0
    • 0
    • Untriaged
    • None

      velero-privileged SCC is causing the CIS benchmark to fail #576

      https://github.com/openshift/oadp-operator/blob/816cb838faa1983d8a34c09492561a6999ab0ddb/controllers/velero.go#L327
      https://github.com/openshift/oadp-operator/issues/576
      https://coreos.slack.com/archives/CHD1CSNAK/p1646060396759409

      Verification: OADP Operator no longer creates SecurityContextConstaints object named "velero-privileged" when DPA is created.

          1.
          		 [RedHat QE] Verify Task OADP-1313 - Remove creation/usage of velero-privileged SCC Sub-task New Undefined Unassigned
          2.
          		 [RedHat QE] Verify Task OADP-290 - Remove creation/usage of velero-privileged SCC Sub-task New Undefined Prasad Joshi
          3.
          		 [IBM QE-P] Verify Task OADP-290 - Remove creation/usage of velero-privileged SCC Sub-task New Undefined Sonia Garudi
          4.
          		 [IBM QE-Z] Verify Task OADP-290 - Remove creation/usage of velero-privileged SCC Sub-task New Undefined Maya Anilson (Inactive)

              hitpatel@redhat.com Hiteshwari Patel
              tkaovila@redhat.com Tiger Kaovilai
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: