Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add securityContext to the manager containers #385

Merged
merged 2 commits into from
Aug 9, 2024
Merged

add securityContext to the manager containers #385

merged 2 commits into from
Aug 9, 2024

Conversation

AshleyDumaine
Copy link
Contributor

@AshleyDumaine AshleyDumaine commented Jul 31, 2024
edited
Loading

kind/bug

What this PR does / why we need it: Without securityContext set for the manager containers, RKE2 bootstrap and control-plane providers cannot be installed into an RKE2 cluster with cis-profile set (e.g. creating a hardened RKE2 cluster and pivoting the management cluster into it).

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #384

Special notes for your reviewer:

Checklist:

  • squashed commits into logical changes
  • includes documentation
  • adds unit tests
  • adds or updates e2e tests

@furkatgofurov7 furkatgofurov7 added the kind/bug Something isn't working label Aug 7, 2024
@furkatgofurov7 furkatgofurov7 added this to the v0.6.0 milestone Aug 7, 2024
@furkatgofurov7
Copy link
Contributor

@AshleyDumaine thanks for the contribution.
I was checking the previous releases of the CAPI, and noticed they introduced same changes in release-1.4 minor version. As we strive to align with upstream and CAPI in general, can I ask you to take a look at https://github.com/kubernetes-sigs/cluster-api/pull/7831/files#diff-8d4b80dac52bef6a87376c16699a47555f567a9c7b68408965e37b68dedee6cb and add the missing bits in this patch?

@AshleyDumaine
Copy link
Contributor Author

@AshleyDumaine thanks for the contribution. I was checking the previous releases of the CAPI, and noticed they introduced same changes in release-1.4 minor version. As we strive to align with upstream and CAPI in general, can I ask you to take a look at https://github.com/kubernetes-sigs/cluster-api/pull/7831/files#diff-8d4b80dac52bef6a87376c16699a47555f567a9c7b68408965e37b68dedee6cb and add the missing bits in this patch?

Sounds good, just pushed the update 👍

@furkatgofurov7
Copy link
Contributor

@alexander-demicev @salasberryfin @Danil-Grigorev

alexander-demicev
alexander-demicev approved these changes Aug 9, 2024
View reviewed changes
Copy link
Member

@alexander-demicev alexander-demicev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks!

@furkatgofurov7 furkatgofurov7 disabled auto-merge August 9, 2024 08:47
@furkatgofurov7 furkatgofurov7 merged commit 480a96d into rancher:main Aug 9, 2024
6 checks passed
@AshleyDumaine AshleyDumaine deleted the security-context branch August 9, 2024 13:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@furkatgofurov7 furkatgofurov7 furkatgofurov7 approved these changes

@alexander-demicev alexander-demicev alexander-demicev approved these changes

Assignees
No one assigned
Labels
kind/bug Something isn't working
Projects
None yet
Milestone
v0.6.0
Development

Successfully merging this pull request may close these issues.

Cannot install RKE2 bootstrap and control-plane providers into an RKE2 cluster with cisProfile set
3 participants
@AshleyDumaine @furkatgofurov7 @alexander-demicev