From 3b94157afa3ee8797bfeeb13ef6a3564ee7699d0 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Wed, 8 May 2024 12:34:36 +0200 Subject: [PATCH 1/2] Add overlay for collector DaemonSet --- .../secured-cluster/templates/secured-cluster-cr.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml b/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml index e3631ffeb5..566ac0a794 100644 --- a/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml +++ b/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml @@ -105,3 +105,12 @@ spec: {{- if .Values.scannerV4.db.nodeSelector }} nodeSelector: {{ toYaml .Values.scannerV4.db.nodeSelector | nindent 8 }} {{- end }} + # TODO(ROX-24119): Once the issue is fixed within the Helm chart we can remove this: + overlays: + - apiVersion: apps/v1 + kind: DaemonSet + name: collector + patches: + - path: .spec.template.spec.containers[name:node-inventory].securityContext + value: | + privileged: true From 34095a3830172b6d4d4730228c09e39880e14e33 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier <111092021+mclasmeier@users.noreply.github.com> Date: Wed, 8 May 2024 23:09:15 +0200 Subject: [PATCH 2/2] Update secured-cluster-cr.yaml Co-authored-by: Ludovic Cleroux --- .../charts/secured-cluster/templates/secured-cluster-cr.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml b/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml index 566ac0a794..e99e29932b 100644 --- a/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml +++ b/dp-terraform/helm/rhacs-terraform/charts/secured-cluster/templates/secured-cluster-cr.yaml @@ -111,6 +111,5 @@ spec: kind: DaemonSet name: collector patches: - - path: .spec.template.spec.containers[name:node-inventory].securityContext - value: | - privileged: true + - path: spec.template.spec.containers[name:node-inventory].securityContext.privileged + value: "true"