Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-169

Console e2e tests broken due to pod security admission controller

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 4.12.z
    • 4.12
    • Management Console
    • None
    • False
    • Hide

      None

      Show
      None

    Description

      CI is failing due to the updated pod security admission controller. We need to update the console test pods with the correct security values.

      Error: Command failed: echo '{"apiVersion":"v1","kind":"Pod","metadata":

      {"name":"test-jxlpt-event-test-pod","namespace":"test-jxlpt"}

      ,"spec":{"containers":[

      {"name":"httpd","image":"image-registry.openshift-image-registry.svc:5000/openshift/httpd:latest"}

      ]}}' | kubectl create -n test-jxlpt -f -
      Error from server (Forbidden): error when creating "STDIN": pods "test-jxlpt-event-test-pod" is forbidden: violates PodSecurity "restricted:v1.24": allowPrivilegeEscalation != false (container "httpd" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "httpd" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "httpd" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "httpd" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")

      Attachments

        Activity

          People

            badhikar@redhat.com Bipul Adhikari
            spadgett@redhat.com Samuel Padgett
            Xiangyi Li Xiangyi Li (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: