Skip to content

Commit ecc02dd

Browse files
adwk67adwk67
committed
run as root group (#680)
# Description run as root group instead of 1000. Subset of tests on open shift: ``` --- PASS: kuttl (585.49s) --- PASS: kuttl/harness (0.00s) --- PASS: kuttl/harness/smoke_zookeeper-3.8.0-stackable0.0.0-dev_use-server-tls-false_use-client-auth-tls-false (67.56s) --- PASS: kuttl/harness/cluster-operation_zookeeper-latest-3.8.0-stackable0.0.0-dev (80.69s) --- PASS: kuttl/harness/delete-rolegroup_zookeeper-3.8.0-stackable0.0.0-dev (70.96s) --- PASS: kuttl/harness/smoke_zookeeper-3.8.0-stackable0.0.0-dev_use-server-tls-true_use-client-auth-tls-true (89.60s) --- PASS: kuttl/harness/logging_zookeeper-3.8.0-stackable0.0.0-dev (70.75s) --- PASS: kuttl/harness/znode_zookeeper-latest-3.8.0-stackable0.0.0-dev (30.45s) --- PASS: kuttl/harness/smoke_zookeeper-3.8.0-stackable0.0.0-dev_use-server-tls-false_use-client-auth-tls-true (85.17s) --- PASS: kuttl/harness/smoke_zookeeper-3.8.0-stackable0.0.0-dev_use-server-tls-true_use-client-auth-tls-false (79.45s) PASS ```
1 parent 6e4c309 commit ecc02dd

File tree

2 files changed

+5
-3
lines changed

2 files changed

+5
-3
lines changed

CHANGELOG.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,12 +14,14 @@ All notable changes to this project will be documented in this file.
1414
- Operator-rs: `0.40.2` -> `0.41.0` ([#673]).
1515
- Use 0.0.0-dev product images for testing ([#674])
1616
- Use testing-tools 0.2.0 ([#674])
17+
- Run as root group ([#680])
1718

1819
[#672]: https://github.com/stackabletech/zookeeper-operator/pull/672
1920
[#673]: https://github.com/stackabletech/zookeeper-operator/pull/673
2021
[#674]: https://github.com/stackabletech/zookeeper-operator/pull/674
2122
[#675]: https://github.com/stackabletech/zookeeper-operator/pull/675
2223
[#676]: https://github.com/stackabletech/zookeeper-operator/pull/676
24+
[#680]: https://github.com/stackabletech/zookeeper-operator/pull/680
2325

2426
## [23.4.0] - 2023-04-17
2527

rust/operator-binary/src/zk_controller.rs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ use std::{
6464
use strum::{EnumDiscriminants, IntoStaticStr};
6565

6666
pub const ZK_CONTROLLER_NAME: &str = "zookeepercluster";
67-
67+
pub const ZK_UID: i64 = 1000;
6868
pub struct Ctx {
6969
pub client: stackable_operator::client::Client,
7070
pub product_config: ProductConfigManager,
@@ -748,8 +748,8 @@ fn build_server_rolegroup_statefulset(
748748
..Volume::default()
749749
})
750750
.security_context(PodSecurityContext {
751-
run_as_user: Some(1000),
752-
run_as_group: Some(1000),
751+
run_as_user: Some(ZK_UID),
752+
run_as_group: Some(0),
753753
fs_group: Some(1000),
754754
..PodSecurityContext::default()
755755
})

0 commit comments

Comments
 (0)