Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Cannot Reproduce
Priority: Blocker
Fix Version/s: None
Affects Version/s: Pipelines 1.8.1
Component/s: Tekton Catalog
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False

SFDC Cases Counter:
SFDC Cases Links:

Description

Expected behavior

tkn task works out of the box

Actual behavior

Simple pipeline run using tkn clustertask generates an error and doesn't create a task pod

Steps to reproduce

apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  generateName: tkn-run-version-
spec:
  pipelineSpec:
    tasks:
    - name: run-tkn
      taskRef:
        name: tkn
        kind: ClusterTask
      params:
      - name: ARGS
        value:
          - "version"
  timeout: 1m

This error is generated

task run-tkn has failed: failed to create task run pod "tkn-run-version-v2457-run-tkn": pods "tkn-run-version-v2457-run-tkn-pod" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "prepare", "place-scripts", "step-tkn" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "prepare", "place-scripts", "step-tkn" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or containers "prepare", "place-scripts" must set securityContext.runAsNonRoot=true), seccompProfile (pod or containers "prepare", "place-scripts", "step-tkn" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost"). Maybe missing or invalid Task default/tkn

Env:

OpenShift 4.12.0-ec.5
Pipelines 1.8.1 (build 361784)

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Pavol Pitoňák

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2022/11/07 4:57 PM

Updated:: 2022/11/08 9:44 AM

Resolved:: 2022/11/08 9:44 AM