miguelhrocha
commented
2 weeks ago Closing this because it was not needed. We can set the fsGroup to 1012 and it will allow TFE to run as non-root.
Closed miguelhrocha closed 2 weeks ago
miguelhrocha
commented
2 weeks ago Closing this because it was not needed. We can set the fsGroup to 1012 and it will allow TFE to run as non-root.
When TFE runs with the
securityContext.runAsNonRoot, TFE needs a way to schedule agent pods to the agents' namespace.To achieve this, we have added an optional kubeconfig configuration. Setting the kubeconfig for the TFE pod is required to run TFE as non-root.