Details
-
Bug
-
Resolution: Cannot Reproduce
-
Blocker
-
None
-
Pipelines 1.8.1
-
None
-
False
-
None
-
False
Description
Expected behavior
tkn task works out of the box
Actual behavior
Simple pipeline run using tkn clustertask generates an error and doesn't create a task pod
Steps to reproduce
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: tkn-run-version-
spec:
pipelineSpec:
tasks:
- name: run-tkn
taskRef:
name: tkn
kind: ClusterTask
params:
- name: ARGS
value:
- "version"
timeout: 1m
This error is generated
task run-tkn has failed: failed to create task run pod "tkn-run-version-v2457-run-tkn": pods "tkn-run-version-v2457-run-tkn-pod" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "prepare", "place-scripts", "step-tkn" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "prepare", "place-scripts", "step-tkn" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or containers "prepare", "place-scripts" must set securityContext.runAsNonRoot=true), seccompProfile (pod or containers "prepare", "place-scripts", "step-tkn" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost"). Maybe missing or invalid Task default/tkn
Env:
- OpenShift 4.12.0-ec.5
- Pipelines 1.8.1 (build 361784)