mysql-operator icon indicating copy to clipboard operation
mysql-operator copied to clipboard

Published 20 hours ago verified publisher icon bitpoke

Operator should set seccompProfile RuntimeDefault

Open haslersn opened this issue 2 years ago • 1 comments

The operator should add

securityContext:
  seccompProfile:
    type: RuntimeDefault

to the spec of created Pods in order to be compatible with the Restricted policy of Pod Security Standards (previous to Kubernetes 1.22 where the SeccompDefault feature gate hits alpha).

haslersn avatar Dec 27 '21 23:12 haslersn

I don't understand all the implications right now, as I'm not up to date with Pod Security Standards. Can you try a PR and check that it still runs on k8s >= 1.19.

Thanks!

calind avatar Feb 07 '22 12:02 calind