You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sonarqube is no longer compliant with the Baseline PodSecurityStandard.
After a pending upgrade to sonarqube-10.5.0_2748 I face following issue:
create Pod sonarqube-sonarqube-0 in StatefulSet sonarqube-sonarqube failed error: pods "sonarqube-sonarqube-0" is forbidden: violates PodSecurity "baseline:latest": privileged (containers "init-sysctl", "concat-properties", "install-plugins" must not set securityContext.privileged=true)
To solve it I removed the enforced Baseline PSS for this deployments namespace, which is not really the happy path I would take as it worked before.
The text was updated successfully, but these errors were encountered:
Hello @dirsigler, thanks a lot for taking the time to participate in the community.
Could you share your value file and double check that you have not set specific security context for initContainers at some point?
Because the default set of value set privileged=true only for init-sysctl which is a specific case described in the production section of the helm chart README.
With these commits...
...for the Dockerfile: 8e556d6
...for the Helm Chart: SonarSource/helm-chart-sonarqube@9b273fc
Sonarqube is no longer compliant with the Baseline PodSecurityStandard.
After a pending upgrade to
sonarqube-10.5.0_2748
I face following issue:To solve it I removed the enforced Baseline PSS for this deployments namespace, which is not really the happy path I would take as it worked before.
The text was updated successfully, but these errors were encountered: