search

argoproj / argo-events

Event-driven Automation Framework for Kubernetes
https://argoproj.github.io/argo-events/
Apache License 2.0
2.38k stars 742 forks source link

OpenShift installation without `anyuid` SCC #1472

Open vdymna opened 2 years ago

vdymna commented 2 years ago

Is your feature request related to a problem? Please describe. We need to deploy argo-events using the namespace install in OpenShift v4.8.19 (Kubernetes v1.21.4+6438632). And according to the installation docs, on OpenShift you must grant anyuid security context constraints to the service account. However, our Security/SRE team doesn't allow anyuid on the production clusters. Just for the context, anyuid SCC allows to run with any UID and any GID including UID 0.

Describe the solution you'd like I would like to explore a possibility/options on how argo-events can be deployed without anyuid SSC.

Describe alternatives you've considered At this point we have no alternatives, as we are not able to deploy with anyuid SSC.

Message from the maintainers:

If you wish to see this enhancement implemented please add a 👍 reaction to this issue! We often sort issues this way to know what to prioritize.

whynowy commented 2 years ago

We need help from who is familiar with OpenShift stuffs.