Uploaded image for project: 'OpenShift Pipelines'
  1. OpenShift Pipelines
  2. SRVKP-2963

Failure in pruner job creation

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • Pipelines 1.10.0
    • Pipelines 1.10.0
    • Operator
    • None
    • 1
    • False
    • None
    • False
    • 1
    • Pipelines Sprint 234

      Description of problem:

      Failure in pruner job creation

      Prerequisites (if any, like setup, operators/versions):

      Install the latest build of Openshift Pipelines 1.10.0

      Steps to Reproduce

      1. Update pruner config schedule to *1 * * * **
      2. Observe the events of the job in openshift-pipelines namespace

      Actual results:

      The pruner job is getting failed with the below error

      Error creating: pods "tekton-resource-pruner-xs478-28001280-" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, provider "pipelines-scc": Forbidden: not usable by user or serviceaccount, provider restricted-v2: .spec.securityContext.fsGroup: Invalid value: []int64{65532}: 65532 is not an allowed group, spec.containers[0].securityContext.runAsUser: Invalid value: 65532: must be in the ranges: [1000680000, 1000689999], provider "restricted": Forbidden: not usable by user or serviceaccount, provider "nonroot-v2": Forbidden: not usable by user or serviceaccount, pod.metadata.annotations[seccomp.security.alpha.kubernetes.io/pod]: Forbidden: seccomp may not be set, pod.metadata.annotations[container.seccomp.security.alpha.kubernetes.io/pruner-tkn-openshift-pipelines-7hkvk]: Forbidden: seccomp may not be set, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount, provider "hostnetwork-v2": Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden: not usable by user or serviceaccount, provider "hostaccess": Forbidden: not usable by user or serviceaccount, provider "node-exporter": Forbidden: not usable by user or serviceaccount, provider "privileged": Forbidden: not usable by user or serviceaccount]

      Expected results:

      Pruner job should get created without any error

      Reproducibility (Always/Intermittent/Only Once):

      Always

      Build Details:

      https://artifacts.ospqa.com/builds/1.10.0/464155-4.11/ 

      Additional info (Such as Logs, Screenshots, etc):

      tkn version                                                           
Client version: 0.30.0
Pipeline version: v0.44.0
Triggers version: v0.23.0
Operator version: v0.65.1

       

              jkandasa-rh Jeeva Kandasamy
              varadhya Veeresh Aradhya (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: