Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-5468

openshift-marketplace pods cause PodSecurityViolation alert to fire

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • None
    • 4.12
    • OLM
    • None
    • Critical
    • Rejected
    • Hide

      None

      Show
      None

    Description

      Description of problem:

      Pod in the openshift-marketplace cause PodSecurityViolation alerts in vanilla OpenShift cluster

      Version-Release number of selected component (if applicable):

      4.12.0-0.nightly-2023-01-04-203333

      How reproducible:

      100%

      Steps to Reproduce:

      1. install a freshly new cluster
2. check the alerts in the console

      Actual results:

      PodSecurityViolation alert is present

      Expected results:

      No alerts

      Additional info:

      I'll provide a filtered version of the audit logs containing the violations

      Attachments

        Issue Links

          clones

          Bug - A problem which impairs or prevents the functions of the product. OCPBUGS-5423 openshift-marketplace pods cause PodSecurityViolation alert to fire

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified
          depends on

          Bug - A problem which impairs or prevents the functions of the product. OCPBUGS-5423 openshift-marketplace pods cause PodSecurityViolation alert to fire

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified
          duplicates

          Bug - A problem which impairs or prevents the functions of the product. OCPBUGS-5381 openshift-marketplace namespace missing "audit-version" and "warn-version" PSA label

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          links to

          GitHub operator-framework/operator-marketplace#503: [release-4.12] OCPBUGS-5468: Remove PSA audit and warnings

          Activity

            Public project attachment banner

              context keys: [headless, issue, helper, isAsynchronousRequest, project, action, user]
              current Project key: OCPBUGS

              People

                agreene1991 Alexander Greene
                slaznick@redhat.com Stanislav Laznicka
                Jian Zhang Jian Zhang
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: