You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
i wanted to deploy kubeclarity via Helm on a PSS (restriced mode) secured cluster
What you expected to happen:
that the helm chart gives the oportunity to set seccompProfiles
How to reproduce it (as minimally and precisely as possible):
create cluster with PSS and try install kubeclarify in a restricted namespace
Are there any error messages in KubeClarity logs?
no
Anything else we need to know?:
pods "kubeclarity-kubeclarity-grype-server-59f88f8f8d-x8mzb" is forbidden: violates PodSecurity "restricted:latest": seccompProfile (pod or container "grype-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
The Problem can easily be solved by not hardcoding the securityContext and allow a manual override in the Helm Chart
Environment:
Kubernetes version (use kubectl version --short): 1.26
KubeClarity Helm Chart version (use helm -n kubeclarity list): 2.23.1
Cloud provider or hardware configuration: i can not tell you about that. The only thing i am allowed to tell is that it is a gardener provisioned cluster
Others:
The text was updated successfully, but these errors were encountered:
Thank you for your contribution! This issue has been automatically marked as stale because it has no recent activity in the last 60 days. It will be closed in 14 days, if no further activity occurs. If this issue is still relevant, please leave a comment to let us know, and the stale label will be automatically removed.
What happened:
i wanted to deploy kubeclarity via Helm on a PSS (restriced mode) secured cluster
What you expected to happen:
that the helm chart gives the oportunity to set seccompProfiles
How to reproduce it (as minimally and precisely as possible):
create cluster with PSS and try install kubeclarify in a restricted namespace
Are there any error messages in KubeClarity logs?
no
Anything else we need to know?:
pods "kubeclarity-kubeclarity-grype-server-59f88f8f8d-x8mzb" is forbidden: violates PodSecurity "restricted:latest": seccompProfile (pod or container "grype-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
The Problem can easily be solved by not hardcoding the securityContext and allow a manual override in the Helm Chart
Environment:
kubectl version --short
): 1.26helm version
): 3.13.2kubectl -n kubeclarity exec deploy/kubeclarity -- ./backend version
): 2.23.1helm -n kubeclarity list
): 2.23.1The text was updated successfully, but these errors were encountered: