Bulat Khamitov requested to merge fix-migration-pod-permissions into main Apr 02, 2024

General MR

Summary

Kyverno policies failing for migration pod

Relevant logs/screenshots

default            45m         Warning   PolicyViolation                clusterpolicy/require-non-root-user                                Pod anchore/anchore-enterprise-migrate-db: [non-root-user] fail (blocked); validation failure: validation error: Either `runAsNonRoot` must be set to true or `runAsUser` must be > 0 in spec.securityContext or (spec.containers[*].securityContext, spec.initContainers[*].securityContext, and spec.ephemeralContainers[*].securityContext). rule non-root-user[0] failed at path /securityContext/ rule non-root-user[1] failed at path /securityContext/
default            45m         Warning   PolicyViolation                clusterpolicy/require-non-root-group                               Pod anchore/anchore-enterprise-migrate-db: [run-as-group] fail (blocked); validation failure: validation error: runAsGroup must be set to an id > 0 in either spec.securityContext.runAsGroup or (spec.containers[*].securityContext.runAsGroup, spec.initContainers[*].securityContext.runAsGroup, and spec.ephemeralContainers[*].securityContext.runAsGroup). rule run-as-group[0] failed at path /securityContext/

Linked Issue

#137 (closed)

Upgrade Notices

N/A

Edited Apr 02, 2024 by Bulat Khamitov

Admin message

Update security context

General MR

Summary

Relevant logs/screenshots

Linked Issue

Upgrade Notices

Merge request reports