From d6077c717d0f2e9691437ab6b4dc6676a921277c Mon Sep 17 00:00:00 2001 From: Jan Safranek Date: Thu, 27 Jun 2019 13:39:14 +0200 Subject: [PATCH] Run sidecars for csi-mock as privileged The driver and provisioner runs as privileged, so make all the other sidecar containers privileged too. This helps on system with SELinux, non-privileged container can't access socket of a privileged one. --- .../storage-csi/mock/csi-mock-cluster-driver-registrar.yaml | 2 ++ .../storage-csi/mock/csi-mock-driver-attacher.yaml | 2 ++ .../storage-csi/mock/csi-mock-driver-resizer.yaml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml index 75b0f31f163..e266c6c3c6b 100644 --- a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml +++ b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-cluster-driver-registrar.yaml @@ -24,6 +24,8 @@ spec: - name: ADDRESS value: /csi/csi.sock imagePullPolicy: Always + securityContext: + privileged: true volumeMounts: - mountPath: /csi name: socket-dir diff --git a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml index 4f96cb10b6d..6adcffb97f7 100644 --- a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml +++ b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml @@ -23,6 +23,8 @@ spec: - name: ADDRESS value: /csi/csi.sock imagePullPolicy: Always + securityContext: + privileged: true volumeMounts: - mountPath: /csi name: socket-dir diff --git a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml index f4a53561e2b..740bf17c95a 100644 --- a/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml +++ b/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml @@ -23,6 +23,8 @@ spec: - name: ADDRESS value: /csi/csi.sock imagePullPolicy: Always + securityContext: + privileged: true volumeMounts: - mountPath: /csi name: socket-dir