Skip to content

Add projected volume plugin into correct SCCs #14147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 13, 2017
Merged

Add projected volume plugin into correct SCCs #14147

merged 1 commit into from
May 13, 2017

Conversation

jpeeler
Copy link

@jpeeler jpeeler commented May 11, 2017

Adds the projected volume plugin into the correct SCCs (everything but
privileged, because that has access to all volumes).

Closes bugzilla bug 1448816.

@jpeeler jpeeler mentioned this pull request May 11, 2017
Closed
@jpeeler
Copy link
Author

jpeeler commented May 11, 2017

[test]

@openshift-bot
Copy link
Contributor

Evaluated for origin test up to aadcd49

@derekwaynecarr
Copy link
Member

[merge]

@openshift-bot
Copy link
Contributor

Evaluated for origin merge up to aadcd49

@openshift-bot
Copy link
Contributor

continuous-integration/openshift-jenkins/test FAILURE (https://ci.openshift.redhat.com/jenkins/job/test_pull_request_origin/1362/) (Base Commit: 2628c77)

@derekwaynecarr
Copy link
Member

re [merge]

@openshift-bot
Copy link
Contributor

openshift-bot commented May 13, 2017
edited
Loading

continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/merge_pull_request_origin/628/) (Base Commit: 0641fae) (Image: devenv-rhel7_6228)

@openshift-bot openshift-bot merged commit ccad8d4 into openshift:master May 13, 2017
@php-coder php-coder mentioned this pull request May 17, 2017
Merged
k8s-github-robot pushed a commit to kubernetes/kubernetes that referenced this pull request May 20, 2017
Merge pull request #45975 from php-coder/psp_and_projected_volume
9f5849a 
Automatic merge from submit-queue (batch tested with PRs 45346, 45903, 45958, 46042, 45975)

examples/podsecuritypolicy/rbac: allow to use projected volumes in restricted PSP

**What this PR does / why we need it**:
This PR modifies `restricted` PSP to allow `projected` volume type. No need to modify `privileged` PSP because it already allows all volume types.

It should not add any harm because `projected` uses configmaps, downward API, and secrets that are already permitted.

**Special notes for your reviewer**:
This was inspired by similar change in the OpenShift: openshift/origin#14147

**Release note**:
```release-note
NONE
```

PTAL @pweil- @derekwaynecarr 
CC @mfojtik
@php-coder php-coder mentioned this pull request Jun 9, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jpeeler @openshift-bot @derekwaynecarr @pmorie