Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-1049

Pod security policy change breaks cluster-ingress-operator's TestCanaryRoute E2E tests

    XMLWordPrintable

Details

    • Important
    • 1
    • Sprint 224
    • 1
    • False
    • Hide

      None

      Show
      None
    • N/A
    • Release Note Not Required

    Description

      Prow job example: https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/openshift_cluster-ingress-operator/824/pull-ci-openshift-cluster-ingress-operator-master-e2e-aws-operator/1567689639479742464

      Test output:

      === RUN TestAll/serial/TestCanaryRoute
      canary_test.go:78: failed to create pod openshift-ingress-canary/canary-route-check: pods "canary-route-check" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "curl" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "curl" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "curl" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "curl" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")

      Attachments

        Activity

          People

            mmasters1@redhat.com Miciah Masters
            mmasters1@redhat.com Miciah Masters
            Arvind Iyengar Arvind Iyengar (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: