fix: tighten securityContext to comply with restricted PSS #600
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]>
tsawada
force-pushed
the
pod-security-standard
branch
from
58ed91e to
a9ba028
Compare
|
We've been running 0.12.2 with this securityContext for a few weeks and things seem to be okay. All other components in ArgoCD have the same securityContext since argoproj/argo-cd#9765 , and I think it is preferable for argocd-image-updater to align with them. @jannfis please let me know if I can do anything to help this getting merged. Thanks in advance! |
jwhy89
pushed a commit
to jwhy89/argocd-image-updater
that referenced
this pull request
Aug 17, 2023
…labs#600) makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]> Signed-off-by: Jarvis Yang <[email protected]>
jessebye
pushed a commit
to jessebye/argocd-image-updater
that referenced
this pull request
Sep 1, 2023
…labs#600) makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]> Signed-off-by: Jesse Bye <[email protected]>
jessebye
pushed a commit
to jessebye/argocd-image-updater
that referenced
this pull request
Sep 1, 2023
Signed-off-by: satoru <[email protected]> Signed-off-by: Jesse Bye <[email protected]> docs: Fixed typo (argoproj-labs#589) Signed-off-by: Jesse Bye <[email protected]> chore: Preallocate space for slices with known size (argoproj-labs#575) Signed-off-by: satoru <[email protected]> Signed-off-by: Jesse Bye <[email protected]> ci: Fix codegen and update kustomize to post-2.0 (argoproj-labs#590) * ci: Fix codegen Signed-off-by: jannfis <[email protected]> * Fix tar call Signed-off-by: jannfis <[email protected]> --------- Signed-off-by: jannfis <[email protected]> Signed-off-by: Jesse Bye <[email protected]> feat: Respect original parameter overrides with git write-back (argoproj-labs#573) * Fix original override not respected Signed-off-by: KS. Yim <[email protected]> * Add writeOverrides unittest Signed-off-by: KS. Yim <[email protected]> * Add helm override commit test Signed-off-by: KS. Yim <[email protected]> * lint Signed-off-by: KS. Yim <[email protected]> * fix shadowed err Signed-off-by: KS. Yim <[email protected]> --------- Signed-off-by: KS. Yim <[email protected]> Co-authored-by: KS. Yim <[email protected]> Signed-off-by: Jesse Bye <[email protected]> chore: Update to newer argocd version for better API compatibility (argoproj-labs#594) * fix: update go mods to use newer argocd app definition Signed-off-by: Jesse Bye <[email protected]> * fix deps and tests Signed-off-by: Jesse Bye <[email protected]> * fix spelling Signed-off-by: Jesse Bye <[email protected]> --------- Signed-off-by: Jesse Bye <[email protected]> chore(deps): upgrade dependencies for fix vulnerabilities (argoproj-labs#599) Signed-off-by: Viacheslav Sychov <[email protected]> Signed-off-by: Jesse Bye <[email protected]> fix: tighten securityContext to comply with restricted PSS (argoproj-labs#600) makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]> Signed-off-by: Jesse Bye <[email protected]> feat: Add possibility to specify write-back GIT repository as annotation (argoproj-labs#424) * Add possibility to specify write-back GIT repository as annotation. Signed-off-by: flozzone <[email protected]> * Update golangci-lint to 1.52.2. Signed-off-by: flozzone <[email protected]> * Replace deprecated golangci linters with 'unused' linter. Signed-off-by: flozzone <[email protected]> * Fix Goimport issues. Signed-off-by: flozzone <[email protected]> --------- Signed-off-by: flozzone <[email protected]> Signed-off-by: Jesse Bye <[email protected]> fix: support ocischema.DeserializedImageIndex in registry client Signed-off-by: Jesse Bye <[email protected]> fix test Signed-off-by: Jesse Bye <[email protected]> fix: update go mods to use newer argocd app definition Signed-off-by: Jesse Bye <[email protected]> fix deps and tests Signed-off-by: Jesse Bye <[email protected]> merge master Signed-off-by: Jesse Bye <[email protected]> fix go mods Signed-off-by: Jesse Bye <[email protected]> refactor: use shared function to reduce duplication Signed-off-by: Jesse Bye <[email protected]> fix: update go mods to use newer argocd app definition Signed-off-by: Jesse Bye <[email protected]> fix deps and tests Signed-off-by: Jesse Bye <[email protected]> merge master Signed-off-by: Jesse Bye <[email protected]> fix go mods Signed-off-by: Jesse Bye <[email protected]> Fix after rebase Signed-off-by: Jesse Bye <[email protected]> chore: Fix spell checking config (argoproj-labs#577) Signed-off-by: satoru <[email protected]> docs: Fixed typo (argoproj-labs#589) chore: Preallocate space for slices with known size (argoproj-labs#575) Signed-off-by: satoru <[email protected]> ci: Fix codegen and update kustomize to post-2.0 (argoproj-labs#590) * ci: Fix codegen Signed-off-by: jannfis <[email protected]> * Fix tar call Signed-off-by: jannfis <[email protected]> --------- Signed-off-by: jannfis <[email protected]> feat: Respect original parameter overrides with git write-back (argoproj-labs#573) * Fix original override not respected Signed-off-by: KS. Yim <[email protected]> * Add writeOverrides unittest Signed-off-by: KS. Yim <[email protected]> * Add helm override commit test Signed-off-by: KS. Yim <[email protected]> * lint Signed-off-by: KS. Yim <[email protected]> * fix shadowed err Signed-off-by: KS. Yim <[email protected]> --------- Signed-off-by: KS. Yim <[email protected]> Co-authored-by: KS. Yim <[email protected]> chore: Update to newer argocd version for better API compatibility (argoproj-labs#594) * fix: update go mods to use newer argocd app definition Signed-off-by: Jesse Bye <[email protected]> * fix deps and tests Signed-off-by: Jesse Bye <[email protected]> * fix spelling Signed-off-by: Jesse Bye <[email protected]> --------- Signed-off-by: Jesse Bye <[email protected]> chore(deps): upgrade dependencies for fix vulnerabilities (argoproj-labs#599) Signed-off-by: Viacheslav Sychov <[email protected]> fix: tighten securityContext to comply with restricted PSS (argoproj-labs#600) makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]>
xescab
pushed a commit
to xescab/argocd-image-updater
that referenced
this pull request
Sep 8, 2023
…labs#600) makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]> Signed-off-by: Francesc Arbona <[email protected]>
dlactin
pushed a commit
to dlactin/argocd-image-updater
that referenced
this pull request
May 9, 2024
…labs#600) makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]>
sribiere-jellysmack
pushed a commit
to sribiere-jellysmack/argocd-image-updater
that referenced
this pull request
Aug 13, 2024
…labs#600) makes argocd-image-updater compatible with restricted Pod Security Standard Signed-off-by: Takeo Sawada <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
makes argocd-image-updater compatible with restricted Pod Security Standard