Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-169

Console e2e tests broken due to pod security admission controller

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 4.12.z
    • 4.12
    • Management Console
    • None
    • False
    • Hide

      None

      Show
      None

      CI is failing due to the updated pod security admission controller. We need to update the console test pods with the correct security values.

      Error: Command failed: echo '{"apiVersion":"v1","kind":"Pod","metadata":

      {"name":"test-jxlpt-event-test-pod","namespace":"test-jxlpt"}

      ,"spec":{"containers":[

      {"name":"httpd","image":"image-registry.openshift-image-registry.svc:5000/openshift/httpd:latest"}

      ]}}' | kubectl create -n test-jxlpt -f -
      Error from server (Forbidden): error when creating "STDIN": pods "test-jxlpt-event-test-pod" is forbidden: violates PodSecurity "restricted:v1.24": allowPrivilegeEscalation != false (container "httpd" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "httpd" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "httpd" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "httpd" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")

            badhikar@redhat.com Bipul Adhikari
            spadgett@redhat.com Samuel Padgett
            Xiangyi Li Xiangyi Li (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: