Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-5423

openshift-marketplace pods cause PodSecurityViolation alert to fire

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • None
    • 4.12
    • OLM
    • None
    • Critical
    • Rejected
    • False
    • Hide

      None

      Show
      None

    Description

      Description of problem:

      Pod in the openshift-marketplace cause PodSecurityViolation alerts in vanilla OpenShift cluster

      Version-Release number of selected component (if applicable):

      4.12.0-0.nightly-2023-01-04-203333

      How reproducible:

      100%

      Steps to Reproduce:

      1. install a freshly new cluster
      2. check the alerts in the console
      

      Actual results:

      PodSecurityViolation alert is present

      Expected results:

      No alerts

      Additional info:

      I'll provide a filtered version of the audit logs containing the violations

      Attachments

        1. image-2023-01-09-14-13-53-201.png
          80 kB
          Kevin Quinn
        2. image-2023-01-09-14-17-04-384.png
          38 kB
          Kevin Quinn
        3. image-2023-01-11-09-53-24-038.png
          99 kB
          Kevin Quinn
        4. violating_pods.audit.log
          18 kB
          Stanislav Laznicka

        Issue Links

          Activity

            People

              agreene1991 Alexander Greene
              slaznick@redhat.com Stanislav Laznicka
              Jian Zhang Jian Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: