Loading...

XML

Word

Printable

Type: Epic
Resolution: Done
Priority: Critical
Fix Version/s: Pipelines 1.7
Affects Version/s: None
Component/s: Documentation, Tekton Catalog, Tekton Pipelines
Labels:
- doc-req

Epic Name:
Reduced build privileges
Blocked:
False
Ready:
False
Epic Status:
Done
Feature Link:
SECFLOWOTL-55 - Enhance outerloop security
Hierarchy Progress:
66
Hierarchy Progress Bar:

66% 66%
Release Note Text:
Undefined
Market:

SFDC Cases Links:
SFDC Cases Counter:

Goal

As a cluster-admin, I want image build tasks to run as rootless builds in order to reduce the security risk of running privileges builds on the OpenShift cluster.

Estimation

Acceptance Criteria

Buildah task can run in user namespaces and as a non-root container on the host
Buildah task can run as non-root inside the taskrun container

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

2022-01-13_15-51.png
795 kB
2022/01/13 2:51 PM

is documented by

RHDEVDOCS-3306 Document running image build tasks as unprivileged builds

Closed

RHDEVDOCS-4200 Document running image build tasks as unprivileged builds

Closed

is related to

SRVKP-2232 R&D Run buildah with default service account

To Do

relates to

SRVKP-1312 R&D Reduced build privileges

Closed

Assignee:: Chmouel Boudjnah

Reporter:: Siamak Sadeghianfar

Votes:: 3 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2021/05/21 7:53 AM

Updated:: 2023/04/14 9:23 AM

Resolved:: 2022/04/26 3:23 PM

Details

Description

Goal

Estimation

Acceptance Criteria

Attachments

Attachments

Issue Links

Activity

People

Dates