Skip to content
This repository has been archived by the owner on Aug 12, 2024. It is now read-only.

Pod Security #879

Merged
merged 1 commit into from
May 6, 2024
Merged

Pod Security #879

merged 1 commit into from
May 6, 2024

Conversation

dtfranz
Copy link
Contributor

@dtfranz dtfranz commented May 3, 2024

Change bundle unpack pod security settings to allow running in restricted namespaces. Change Dockerfile to use debug-nonroot image as builder only because we only need the cp binary from it.

@dtfranz dtfranz requested a review from a team as a code owner May 3, 2024 19:01
@dtfranz dtfranz force-pushed the pod-security branch 2 times, most recently from 7f6e89e to 2b5bb3b Compare May 3, 2024 19:09
tmshort
tmshort reviewed May 3, 2024
View reviewed changes
pkg/source/image.go Outdated Show resolved Hide resolved
@codecov Codecov
Copy link

codecov bot commented May 3, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 37.27%. Comparing base (72cffe6) to head (62a0be9).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #879   +/-   ##
=======================================
  Coverage   37.27%   37.27%           
=======================================
  Files           9        9           
  Lines         845      845           
=======================================
  Hits          315      315           
  Misses        486      486           
  Partials       44       44

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dtfranz dtfranz force-pushed the pod-security branch 2 times, most recently from 1ad201d to 9a4d42e Compare May 3, 2024 19:15
@varshaprasad96
Copy link
Member

e2e is failing because of change in base image. Looks like we are trying to list something:

exec: \"ls\": executable file not found in $PATH: unknown"

@dtfranz
Pod Security
62a0be9 
Change bundle unpack pod security settings to allow running in restricted namespaces. Change Dockerfile to use debug-nonroot image as builder only because we only need the cp binary from it.

Signed-off-by: dtfranz <[email protected]>
@dtfranz
Copy link
Contributor Author

dtfranz commented May 3, 2024

e2e is failing because of change in base image. Looks like we are trying to list something:

exec: \"ls\": executable file not found in $PATH: unknown"

I'll just add ls from the base image for now as we do for cp if you're OK with that.

varshaprasad96
varshaprasad96 approved these changes May 3, 2024
View reviewed changes
Copy link
Member

@varshaprasad96 varshaprasad96 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changes look good to me!
/lgtm
/approve

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label May 3, 2024
@grokspawn grokspawn added this pull request to the merge queue May 6, 2024
Merged via the queue into operator-framework:main with commit b6c74d4 May 6, 2024
10 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tmshort tmshort tmshort left review comments

@varshaprasad96 varshaprasad96 varshaprasad96 approved these changes

Assignees

@varshaprasad96 varshaprasad96

Labels
lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dtfranz @varshaprasad96 @tmshort @grokspawn