diff --git a/pkg/apis/core/validation/validation.go b/pkg/apis/core/validation/validation.go index b86889a1630..e5dba419354 100644 --- a/pkg/apis/core/validation/validation.go +++ b/pkg/apis/core/validation/validation.go @@ -4813,8 +4813,8 @@ func ValidateSecurityContext(sc *core.SecurityContext, fldPath *field.Path) fiel } if sc.RunAsUser != nil { - if *sc.RunAsUser < 0 { - allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *sc.RunAsUser, isNegativeErrorMsg)) + for _, msg := range validation.IsValidUserID(*sc.RunAsUser) { + allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *sc.RunAsUser, msg)) } } diff --git a/pkg/apis/core/validation/validation_test.go b/pkg/apis/core/validation/validation_test.go index 442adecfabd..ce8ede0f03e 100644 --- a/pkg/apis/core/validation/validation_test.go +++ b/pkg/apis/core/validation/validation_test.go @@ -11752,7 +11752,7 @@ func TestValidateSecurityContext(t *testing.T) { "negative RunAsUser": { sc: negativeRunAsUser, errorType: "FieldValueInvalid", - errorDetail: isNegativeErrorMsg, + errorDetail: "must be between", }, } for k, v := range errorCases {