Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

helm: Set rthooks.podSecurityContext to empty by default #2934

Merged
merged 1 commit into from
Sep 19, 2024
Merged

helm: Set rthooks.podSecurityContext to empty by default #2934

merged 1 commit into from
Sep 19, 2024

Conversation

michi-covalent
Copy link
Contributor

[ upstream commit 2558359 ]

Set rthooks.podSecurityContext to empty by default to be consistent with the security context setting of Tetragon pods. Also note that "privileged" setting only applies to container security context 12.

Footnotes

  1. https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#podsecuritycontext-v1-core

  2. https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#securitycontext-v1-core

@michi-covalent
helm: Set rthooks.podSecurityContext to empty by default
b99782f 
[ upstream commit 2558359 ]

Set rthooks.podSecurityContext to empty by default to be consistent with
the security context setting of Tetragon pods. Also note that
"privileged" setting only applies to container security context [^1][^2].

[^1]: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#podsecuritycontext-v1-core
[^2]: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#securitycontext-v1-core

Signed-off-by: Michi Mutsuzaki <[email protected]>
@michi-covalent michi-covalent added kind/backport This PR provides functionality previously merged into master. release-note/misc This PR makes changes that have no direct user impact. labels Sep 18, 2024
@michi-covalent michi-covalent requested a review from a team as a code owner September 18, 2024 15:02
@michi-covalent michi-covalent requested review from olsajiri and removed request for a team September 18, 2024 15:02
@michi-covalent
Copy link
Contributor Author

backporting #2931 to v1.2 branch.

@kkourt kkourt merged commit 1f90aa2 into v1.2 Sep 19, 2024
40 checks passed
@kkourt kkourt deleted the pr/michi/backport1.2 branch September 19, 2024 16:45
@BrewTestBot BrewTestBot mentioned this pull request Nov 27, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kkourt kkourt kkourt approved these changes

@olsajiri olsajiri Awaiting requested review from olsajiri olsajiri is a code owner automatically assigned from cilium/tetragon

Assignees
No one assigned
Labels
kind/backport This PR provides functionality previously merged into master. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@michi-covalent @kkourt