Uploaded image for project: 'Knative Serving'
  1. Knative Serving
  2. SRVKS-1310

With secure-pod-defaults: Enabled, "Kubernetes default value is insecure" warning still shows insecure "spec.template.spec.containers[0].securityContext.seccompProfile"

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • 1.38.0
    • 1.35.0, 1.36.0, 1.37.0, 1.38.0
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      Having KnativeServing on OCP 4.17 with

        config:
    features:
      secure-pod-defaults: Enabled

      Creating a default ksvc

      apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: helloworld-go
spec:
  template:
    spec:
      containers:
      - image: gcr.io/knative-samples/helloworld-go
        env:
        - name: TARGET
          value: "Go Sample v1"

      still shows a warning about insecure defaults

      c create -f helloworld-v1.yaml 
Warning: Kubernetes default value is insecure, Knative may default this to secure in a future release: spec.template.spec.containers[0].securityContext.seccompProfile
service.serving.knative.dev/helloworld-go created

              rh-ee-nziada Nader Ziada
              maschmid@redhat.com Marek Schmidt
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: