Skip to content
This repository has been archived by the owner on Sep 26, 2023. It is now read-only.

Use random UID and GID when running on OpenShift #253

Closed
wants to merge 1 commit into from
Closed

Use random UID and GID when running on OpenShift #253

wants to merge 1 commit into from

Conversation

mprahl
Copy link
Collaborator

@mprahl mprahl commented Sep 18, 2023

When running on OpenShift, allow OpenShift to assign a random UID and GID for the Gatekeeper containers. When it's not OpenShift, fallback to running as a non-privileged user and group.

Additionally, for backwards compatibility with OpenShift 4.10, seccomp profile is left unset. See the following for this recommendation: https://connect.redhat.com/en/blog/important-openshift-changes-pod-security-standards

@mprahl mprahl requested a review from gparvin September 18, 2023 20:15
@mprahl
Use random UID and GID when running on OpenShift
9bfdfe8 
When running on OpenShift, allow OpenShift to assign a random UID and
GID for the Gatekeeper containers. When it's not OpenShift, fallback to
running as a non-privileged user and group.

Additionally, for backwards compatibility with OpenShift 4.10, seccomp
profile is left unset. See the following for this recommendation:
https://connect.redhat.com/en/blog/important-openshift-changes-pod-security-standards

Signed-off-by: mprahl <[email protected]>
@mprahl mprahl requested a review from gparvin September 19, 2023 13:17
@mprahl mprahl closed this Sep 19, 2023
@mprahl
Copy link
Collaborator Author

mprahl commented Sep 19, 2023

GitHub wasn't seeing the force push so I opened a new PR at #254.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@gparvin gparvin Awaiting requested review from gparvin

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mprahl @gparvin