UNCLASSIFIED - NO CUI

Skip to content

Fix enterprise permissions

Michael Martin requested to merge fix-enterprise-permissions into main

General MR

Summary

Set the pod security context regardless of the docker images exported User value.

In the case of big-bang/bigbang#1922 (closed) , the fips image exported:

"User": "",
"User": "65532"

the non-fips image was using:

"User": "",
"User": "1337:1337",

Instead of relying on the Docker image values, we can enforce the User/Group in our K8s securityContext. These changes will ensure the containers always run in the k8s cluster with the expected User/Group

I verified the istiod pods come up using 1337:1337 for both the standard and enterprise-enabled installs.

Linked Issue

for big-bang/bigbang#1922 (closed)

Upgrade Notices

N/A

Edited by Michael Martin

Merge request reports

Loading