  1. Knative Serving
  2. SRVKS-119

TestShouldRunAsUserContainerDefault does not work on OCP


    • Bug
    • Resolution: Done
    • v0.7.0
    • Serverless Sprint 168

      As per title.

      There may be possibilities to make OpenShift behave the same. We need to investigate that or discuss with the upstream to get the spec changed/the test dropped.

      Some context from upstream's Slack:

      dangerd   [14 days ago]
      @markusthoemmes On 4092 are you saying that the userid will end up not being 1000?
      
      markusthoemmes   [14 days ago]
      On OpenShift it doesn't, but that's due to OpenShift's mechanisms
      
      dangerd   [14 days ago]
      I.e. OpenShift applies a platform default instead of taking the container's "USER"
      
      markusthoemmes   [14 days ago]
      it does a randomized thing by default
      
      markusthoemmes   [14 days ago]
      in the same vein, maybe something to chew on: Could we maybe provide tags/flags to skip all SHOULD tests and only verify the MUST tests? That could alleviate issues like this
      
      dangerd   [14 days ago]
      Yes. That is why we split them out. :slightly_smiling_face: I want us to be able to run the runtime separate from the API tests and run the SHOULD tests separate from the MUST tests
      
      markusthoemmes   [14 days ago]
      that'd be neato!
      
      markusthoemmes   [14 days ago]
      btw here's some context on OpenShift's behavior: https://cookbook.openshift.org/users-and-role-based-access-control/why-do-my-applications-run-as-a-random-user-id.html
      
      dangerd   [14 days ago]
      I was just about to ask that
      
      dangerd   [14 days ago]
      I would like to figure out if we could converge further here to similar behavior, or define it in a way that supports both with least surprise to users
      
      markusthoemmes   [14 days ago]
      the fundamental difference is that OpenShift has one more layer of indirection/defaulting here. I can turn that off per SA I believe
      
      argent   [13 days ago]
      I'd love to see Knative use random UIDs by default, but I don't know if that will cause any K8s/container issues. I'm sort of mad that Docker decided to default to `root` in the container, but that's like being mad at gravity at this point.
      

       

              rhn-support-knakayam Kenjiro Nakayama (Inactive)
              markusthoemmes Markus Thömmes (Inactive)