Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not set priority on container-build SCC when container-build is enabled #21959

Closed
amisevsk opened this issue Jan 26, 2023 · 1 comment
Closed
Labels
area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator area/install Issues related to installation, including offline/air gap and initial setup kind/bug Outline of a bug - must adhere to the bug report template. severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code.

Comments

@amisevsk
Copy link
Contributor

Describe the bug

When container builds are enabled for workspaces, the Che Operator will create an SCC to be used by workspace containers. This SCC is created with a priority of 20, which can cause issues in clusters (if the container-build SCC is chosen over an intended SCC).

Initially, the container build functionality required the higher priority SCC in order to correctly associate the SCC with workspace continers. However, since #21770 is resolved, this should no longer be required.

Che version

7.60@latest

Steps to reproduce

  1. Enable container build functionality by setting .devEnvironments.disableContainerBuildCapabilites: false in the CheCluster
  2. Start a workspace
  3. Check the priority field on the container-build SCC

Expected behavior

SCC should have priority 0 so as to not override other SCCs inadvertently.

Runtime

OpenShift

Screenshots

No response

Installation method

chectl/next, OperatorHub

Environment

other (please specify in additional context)

Eclipse Che Logs

No response

Additional context

No response

@amisevsk amisevsk added the kind/bug Outline of a bug - must adhere to the bug report template. label Jan 26, 2023
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jan 26, 2023
@amisevsk amisevsk added area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator area/install Issues related to installation, including offline/air gap and initial setup labels Jan 26, 2023
@l0rd l0rd added severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code. and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Jan 27, 2023
@ibuziuk
Copy link
Member

ibuziuk commented Jan 31, 2023

fixed in eclipse-che/che-operator#1606
Closing

@ibuziuk ibuziuk closed this as completed Jan 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator area/install Issues related to installation, including offline/air gap and initial setup kind/bug Outline of a bug - must adhere to the bug report template. severity/blocker Causes system to crash and be non-recoverable or prevents Che developers from working on Che code.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants