lunny/helm-chart
1
0
Fork 1
Code Issues 36 Pull Requests 14 Actions Packages Projects Releases 93 Wiki Activity

SSH not working due missing security capability in CRI-O environment #176

Merged
volker.raschek merged 1 commits from master into master 2021-07-01 15:02:57 +00:00
Conversation 6 Commits 1 Files Changed 2 +7
volker.raschek commented 2021-06-12 14:34:30 +00:00 (Migrated from gitea.com)
Copy Link

This patch add the SYS_CHROOT capability if the securityContext is
undefined. Otherwise the SSH Server does not work correctly as described
in the issue #161.

Fixes: #161

This patch add the SYS_CHROOT capability if the securityContext is undefined. Otherwise the SSH Server does not work correctly as described in the issue #161. Fixes: #161
justusbunsi commented 2021-06-17 05:22:47 +00:00 (Migrated from gitea.com)
Copy Link

WIP as per https://gitea.com/gitea/helm-chart/issues/161#issuecomment-440630

WIP as per https://gitea.com/gitea/helm-chart/issues/161#issuecomment-440630
justusbunsi commented 2021-06-17 20:04:59 +00:00 (Migrated from gitea.com)
Copy Link

(in values.yaml)

 # only usable with rootless image due to image design
securityContext:....

Is SYS_CHROOTnecessary for both image variants? If so, could you pleass extend this comment so that users don't get confused?

Maybe something like ...except for clusters using cri-o where SYS_CHROOT needs to be set. ?

(in values.yaml) ``` # only usable with rootless image due to image design securityContext:.... ``` Is `SYS_CHROOT`necessary for both image variants? If so, could you pleass extend this comment so that users don't get confused? Maybe something like `...except for clusters using cri-o where SYS_CHROOT needs to be set`. ?
justusbunsi commented 2021-06-29 20:49:59 +00:00 (Migrated from gitea.com)
Copy Link

@volker.raschek Please update your branch to the latest master and have a look at that comment.

@volker.raschek Please update your branch to the latest master and have a look at [that comment](https://gitea.com/gitea/helm-chart/issues/176#issuecomment-440777).
techknowlogick (Migrated from gitea.com) approved these changes 2021-06-30 17:52:21 +00:00
justusbunsi (Migrated from gitea.com) approved these changes 2021-06-30 18:11:03 +00:00
justusbunsi (Migrated from gitea.com) left a comment
Copy Link

LGTM. Thanks for your effort.

LGTM. Thanks for your effort.
luhahn (Migrated from gitea.com) approved these changes 2021-07-01 13:29:12 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
techknowlogick
justusbunsi
luhahn
Labels
Clear labels
has/backport
in progress
invalid
kind/breaking
kind/bug
kind/build
kind/dependency
kind/deployment
kind/docs
kind/enhancement
kind/feature
kind/lint
kind/proposal
kind/question
kind/refactor
kind/security
kind/testing
kind/translation
kind/ui
need/backport
priority/critical
priority/low
priority/maybe
priority/medium
reviewed/duplicate
reviewed/invalid
reviewed/wontfix
skip-changelog
status/blocked
status/needs-feedback
status/needs-reviews
status/wip
upstream/gitea
upstream/other
No Label
kind/docs
Milestone
No items
No Milestone Release 4.0.0
Projects
Clear projects
No project
Assignees
Clear assignees
lunny
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: lunny/helm-chart#176
No description provided.
Delete Branch "master"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?