Open kndoni opened 4 months ago
As workaround you can use a kyverno ClusterPolicy
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
name: postgresql-securitycontext
spec:
rules:
- name: mutate-postgresql-sts
match:
any:
- resources:
kinds:
- Pod
selector:
matchLabels:
application: spilo
mutate:
patchStrategicMerge:
spec:
containers:
- (name): "*"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true
Hello I am trying to set up postgres-operator in kubernetes cluster. I am using latest version v1.12.2 Apparently I can only configure securityContext for postgres-operator with (allow_privilege_escalation and runAsNonRoot). But I can not do the same for postgres-operator-ui or for the cluster configuration itself. So with this issues in place I can not successfully use the operator. I also saw there are a lot of other issues ongoing related with this. Is there someone working on this issue already or do you plan to add this in the future?
Thanks in advance!