This repository has been archived by the owner on Sep 26, 2023. It is now read-only.

Use random UID and GID when running on OpenShift #254

Merged
merged 1 commit into from
Sep 19, 2023


Collaborator

@mprahl mprahl commented Sep 19, 2023

When running on OpenShift, allow OpenShift to assign a random UID and GID for the Gatekeeper containers. When it's not OpenShift, fall back to running as a non-privileged user and group.

Additionally, for backwards compatibility with OpenShift 4.10, the seccomp profile is left unset. See the following for this recommendation: https://connect.redhat.com/en/blog/important-openshift-changes-pod-security-standards

When running on OpenShift, allow OpenShift to assign a random UID and
GID for the Gatekeeper containers. When it's not OpenShift, fall back to
running as a non-privileged user and group.

Additionally, for backwards compatibility with OpenShift 4.10, the seccomp
profile is left unset. See the following for this recommendation:
https://connect.redhat.com/en/blog/important-openshift-changes-pod-security-standards

Signed-off-by: mprahl <[email protected]>
@mprahl mprahl merged commit 0585710 into gatekeeper:main Sep 19, 2023
4 checks passed
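
An added example, not part of this pull request or the project's code: a small audit that checks container `securityContext` settings against the two cases the description names. On OpenShift it flags a pinned `runAsUser`, `runAsGroup` or `seccompProfile`; elsewhere it flags a missing or root (0) UID/GID. The function name, the sample containers and their IDs are constructed for illustration, and only container-level settings are inspected.

```python
import json

# Fields the PR description leaves to OpenShift (UID/GID) or leaves unset
# for OpenShift 4.10 compatibility (seccomp profile).
OPENSHIFT_UNSET = ("runAsUser", "runAsGroup", "seccompProfile")


def audit_containers(containers, on_openshift):
    """Return (container, field, reason) findings for a list of container specs."""
    findings = []
    for c in containers:
        sc = c.get("securityContext") or {}
        if on_openshift:
            # Any explicit value here overrides what the platform would assign.
            for field in OPENSHIFT_UNSET:
                if field in sc:
                    findings.append((c["name"], field, "pinned; leave unset on OpenShift"))
        else:
            # No platform-assigned IDs: the manifest itself must name a non-root user/group.
            for field in ("runAsUser", "runAsGroup"):
                value = sc.get(field)
                if value is None:
                    findings.append((c["name"], field, "missing; no non-privileged fallback"))
                elif value == 0:
                    findings.append((c["name"], field, "is 0 (root)"))
    return findings


# Constructed sample input; container names and IDs are illustrative only.
SAMPLE = json.loads("""
[
  {"name": "manager", "securityContext": {"runAsUser": 1000, "runAsGroup": 999,
                                           "seccompProfile": {"type": "RuntimeDefault"}}},
  {"name": "audit", "securityContext": {"allowPrivilegeEscalation": false}}
]
""")

if __name__ == "__main__":
    for on_openshift in (True, False):
        print("OpenShift" if on_openshift else "other Kubernetes")
        for finding in audit_containers(SAMPLE, on_openshift):
            print("  ", *finding)
```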