openshift-instruqt / instruqt

Repository for the Red Hat and OpenShift Developers Learning Portal, powered by Instruqt.
https://developers.redhat.com/learn/openshift

PodSecurity violation warning #241

Open jdandrea opened 1 year ago

jdandrea commented 1 year ago

In which track did this bug occur? Working with Kustomize

What is the URL for the track? https://developers.redhat.com/courses/gitops/working-kustomize

At what step of the track did this happen? Exploring Kustomize

Describe the bug Receiving a warning after kubectl apply -k ./ so it's not a showstopper. It would be an improved user experience—and perhaps recommended practice overall—to accommodate the new OpenShift Pod Security Standards, if that is what is at issue here.

https://connect.redhat.com/en/blog/important-openshift-changes-pod-security-standards

Logs or error messages

[root@crc-lgph7-master-0 kustomize-build]# kubectl apply -k ./
Warning: would violate PodSecurity "restricted:v1.24": allowPrivilegeEscalation != false
  (container "welcome-php" must set securityContext.allowPrivilegeEscalation=false),
  unrestricted capabilities (container "welcome-php" must set 
  securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container
  "welcome-php" must set securityContext.runAsNonRoot=true), seccompProfile (pod or
  container "welcome-php" must set securityContext.seccompProfile.type to
  "RuntimeDefault" or "Localhost")
deployment.apps/welcome-php created

Expected behavior No warning if possible.

Screenshots n/a

Desktop (please complete the following information):

Additional context n/a
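
Added example (not part of the issue report and not taken from the track's repository): a Kustomize strategic merge patch that sets the four securityContext fields the warning above names for container "welcome-php". The file names `welcome.yaml` and `restricted-securitycontext.yaml` are assumptions; only the Deployment and container name come from the log.

```yaml
# kustomization.yaml
# Added example. The resources entry is an assumed file name; use the
# manifest that actually defines deployment.apps/welcome-php.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - welcome.yaml
patches:
  - path: restricted-securitycontext.yaml   # hypothetical patch file, shown below
    target:
      kind: Deployment
      name: welcome-php
---
# restricted-securitycontext.yaml (hypothetical file name, a separate file)
# Strategic merge patch: containers are matched by name, so these fields are
# merged into the existing "welcome-php" container and nothing else changes.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: welcome-php
spec:
  template:
    spec:
      # The warning says "pod or container" for these two checks, so they
      # can be set once at pod level.
      securityContext:
        # The kubelet will not start a container whose image runs as UID 0
        # once this is set, so the image must support a non-root user.
        runAsNonRoot: true
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: welcome-php
          # The warning names these two checks per container only.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
```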