Openshift e2e Conformance Testing Suite Permission Errors

Solution Verified - Updated -

Issue

Many kubernetes e2e conformance tests fail against our Openshift cluster because its making use of containers that need privileged access to the container (UID=0). Ex: nginx container, trying to bind to port 80.
The e2e tests create projects on the fly with randomized names, making it impossible to grant access to the default service account that is used to create the resources. These tests fail with "Permission Denied" errors upon ports binding, process creation, R/W access to privileged files or directories in the container, etc.

The operator would like to be able to choose the SCC these projects and associated default service accounts are using (SCC AnyUID should be enough in most or even maybe all cases). Without applying that cluster wide for security reasons.

Environment

Red Hat Openshift Platform 4.4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content