Fix eso_mount.yaml kyverno policy issues
Bug
Description
While running in BB pipeline eso_mount.yaml test script is throwing kyverno policy errors
disallow-image-tags:
require-image-tag: '\''validation failure: validation error: Images without tags are
mutable and not allowed. rule require-image-tag failed at path /image/'\''
require-drop-all-capabilities:
drop-all-capabilities: '\''validation failure: Containers must drop all Linux capabilities
by setting the fields spec.containers[*].securityContext.capabilities.drop, spec.initContainers[*].securityContext.capabilities.drop,
and spec.ephemeralContainers[*].securityContext.capabilities.drop to `ALL`.'\''
require-non-root-group:
run-as-group: '\''validation failure: validation error: runAsGroup must be set to an
id > 0 in either spec.securityContext.runAsGroup or (spec.containers[*].securityContext.runAsGroup,
spec.initContainers[*].securityContext.runAsGroup, and spec.ephemeralContainers[*].securityContext.runAsGroup).
rule run-as-group[0] failed at path /securityContext/'\''
require-non-root-user:
non-root-user: '\''validation failure: validation error: Either `runAsNonRoot` must
be set to true or `runAsUser` must be > 0 in spec.securityContext or (spec.containers[*].securityContext,
spec.initContainers[*].securityContext, and spec.ephemeralContainers[*].securityContext).
rule non-root-user[0] failed at path /securityContext/ rule non-root-user[1] failed
at path /securityContext/'\''
restrict-host-path-write:
require-readonly-hostpath: rule skipped
restrict-image-registries:
validate-registries: '\''validation failure: validation error: Image registry is not
in the approved list. rule validate-registries failed at path /image/'\'''
Example https://repo1.dso.mil/big-bang/bigbang/-/jobs/36206724