-
Bug
-
Resolution: Done
-
Minor
-
None
-
4.12
-
None
-
No
-
False
-
Description of problem:
The example pipeline-buildah-as-user-1000 pipeline seems to not work or is incomplete. There are insufficient privileges during the fetch-repository step of the tekton pipeline.
Version-Release number of selected component (if applicable):
The example was attempted using the latest version of openshift-pipelines (pipelines-1.8) on an OCP v(4.12.5) Openshift Local (formerly Red Hat CodeReady Containers) instance.
How reproducible:
Repeatedly
Steps to Reproduce:
Simply follow the steps in the document. I also have a helm chart to quickly deploy the example, see https://github.com/trevorbox/buildah-unprivileged#pipeline
Actual results:
There are insufficient privileges for the service account. If you view the Events in the pipeline namespace, for example: oc get events -n test ... 51m Warning Failed pod/pipelinerun-buildah-as-user-1000-fetch-repository-pod Error: container has runAsNonRoot and image will run as root (pod: "pipelinerun-buildah-as-user-1000-fetch-repository-pod_test(003ef27e-eeae-4024-8d46-86d939d0d6ad)", container: place-scripts) ...
Expected results:
The pipeline should be successful using the SCC and ServiceAccount example provided in the document.
Additional info:
Test chart (created from example in documentation) https://github.com/trevorbox/buildah-unprivileged#pipeline
- relates to
-
-
- Closed
-
