Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove controller-manager uid and gid settings #198

Merged
merged 1 commit into from
Mar 14, 2022
Merged

Remove controller-manager uid and gid settings #198

merged 1 commit into from
Mar 14, 2022

Conversation

redhatrises
Copy link
Contributor

  • Current uid/gid settings for the controller manager break on more security conscious
    kubernetes distros where uid/gid is generated off of a random uid range that might
    require uid/gid to be > 65000

isimluk
isimluk suggested changes Feb 25, 2022
View reviewed changes
Copy link
Contributor

@isimluk isimluk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I always recommend to look at the git history, when something is not making sense on a first sight.

@redhatrises
Copy link
Contributor Author

I was getting errors deploying the controller due to uid being to small for the uid range... Ironically, now I am not. Closing this for now.

@isimluk
Copy link
Contributor

isimluk commented Mar 8, 2022

I have now run into the same issue as well. Ironically, I don't think I did anything to trigger it.

If we merge this, we kinda drop support for OpenShift 4.7 as this piece of config was introduced to support similar yet different error on OpenShift 4.7.

Alternatively, we could drop runAsNonRoot hardening and support them all.

@isimluk isimluk reopened this Mar 8, 2022
@isimluk
Copy link
Contributor

isimluk commented Mar 8, 2022

FYI, OpenShift 4.7 is getting close to its EOL: https://access.redhat.com/support/policy/updates/openshift

@redhatrises
Remove controller-manager uid and gid settings
6758072 
- Current uid/gid settings for the controller manager break on more security conscious
  kubernetes distros where uid/gid is generated off of a random uid range that might
  require uid/gid to be > 65000
@isimluk isimluk merged commit 8c18574 into CrowdStrike:main Mar 14, 2022
@redhatrises redhatrises deleted the fix_manager_perms branch March 14, 2022 15:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@isimluk isimluk isimluk approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@redhatrises @isimluk