Set SCC allowPrivilegeEscalation to true when container build enabled (#1596)

* Set SCC allowPrivilegeEscalation to true when container build enabled Running Podman inside a container in OpenShift requires the pod to have allowPrivilegeEscalation: true in its security context. * Fix tests Signed-off-by: Angel Misevski <amisevsk@redhat.com>
2023-01-11 10:39:23 -05:00 · 2023-01-11 10:39:23 -05:00 · 3d07ff759a
parent 6110221447
commit 3d07ff759a
2 changed files with 3 additions and 3 deletions
--- a/pkg/common/constants/constants.go
+++ b/pkg/common/constants/constants.go
@ -154,6 +154,6 @@ var (
 				"SETUID",
 			},
 		},
-		AllowPrivilegeEscalation: pointer.BoolPtr(false),
+		AllowPrivilegeEscalation: pointer.BoolPtr(true),
 	}
 )
--- a/pkg/deploy/dev-workspace-config/dev_workspace_config_test.go
+++ b/pkg/deploy/dev-workspace-config/dev_workspace_config_test.go
@ -383,7 +383,7 @@ func TestReconcileDevWorkspaceConfigPerUserStorage(t *testing.T) {
 								"SETUID",
 							},
 						},
-						AllowPrivilegeEscalation: pointer.BoolPtr(false),
+						AllowPrivilegeEscalation: pointer.BoolPtr(true),
 					},
 				},
 			},
@ -434,7 +434,7 @@ func TestReconcileDevWorkspaceConfigPerUserStorage(t *testing.T) {
 								"SETUID",
 							},
 						},
-						AllowPrivilegeEscalation: pointer.BoolPtr(false),
+						AllowPrivilegeEscalation: pointer.BoolPtr(true),
 					},
 				},
 			},