Drop unused permissions for LDAP sync - Githubissues

appuio / component-openshift4-authentication

Commodore component to manage authentication on OpenShift 4

BSD 3-Clause "New" or "Revised" License

2 stars 0 forks source link

Drop unused permissions for LDAP sync #76

Closed glrf closed 2 years ago

glrf commented 2 years ago

This PR drops permissions to be in line with the restricted pss. This avoids a warning in ocp 4.11, as the openshift-config namespace is not intended to run privileged workload and the PSA will emit a warning for every pod creation

Checklist

[x] PR contains a single logical change (to build a better changelog).
[x] Categorize the PR by setting a good title and adding one of the labels: bug, enhancement, documentation, change, breaking, dependency as they show up in the changelog.

glrf commented 2 years ago

Tested on the 4.11 test cluster (as our 4.10 cluster doesn't use LDAP anymore..)