Uploaded image for project: 'OpenShift API for Data Protection'
  1. OpenShift API for Data Protection
  2. OADP-290

Remove creation/usage of velero-privileged SCC

    XMLWordPrintable

Details

    • False
    • False
    • oadp-operator-container-1.1.2-6 , oadp-operator-bundle-container-1.1.2-8
    • ToDo
    • 0
    • 0
    • 0
    • Untriaged

    Description

      velero-privileged SCC is causing the CIS benchmark to fail #576

      https://github.com/openshift/oadp-operator/blob/816cb838faa1983d8a34c09492561a6999ab0ddb/controllers/velero.go#L327
      https://github.com/openshift/oadp-operator/issues/576
      https://coreos.slack.com/archives/CHD1CSNAK/p1646060396759409

      Verification: OADP Operator no longer creates SecurityContextConstaints object named "velero-privileged" when DPA is created.

      Attachments

        Activity

          People

            hitpatel@redhat.com Hiteshwari Patel (Inactive)
            tkaovila@redhat.com Tiger Kaovilai
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: