[
https://issues.apache.org/jira/browse/AIRFLOW-4156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16801161#comment-16801161
]
Ash Berlin-Taylor commented on AIRFLOW-4156:
--------------------------------------------
Some overlap with AIRFLOW-3274 (though it sounds like this is more general)
> KubernetesPodOperator does not support set security context
> -----------------------------------------------------------
>
> Key: AIRFLOW-4156
> URL: https://issues.apache.org/jira/browse/AIRFLOW-4156
> Project: Apache Airflow
> Issue Type: Improvement
> Components: kubernetes
> Affects Versions: 1.10.2
> Environment: kubernetes
> Reporter: Magnus Runesson
> Priority: Major
>
> Good praxis running containers is to not run them as root nor run with a
> writable root-filesystem. To be able to restrict this on pods launched by the
> KubernetesPodOperator one must be able to set [security
> context|https://kubernetes.io/docs/tasks/configure-pod-container/security-context/].
> Many hardened Kubernetes clusters require this to be set.
> WIP patch, currently missing tests:
> https://github.com/mrunesson/airflow/tree/feat-k8s-security-context
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
