aaronsuns opened a new issue, #671: URL: https://github.com/apache/solr-operator/issues/671
When try to run solr-operator and solr helm chart on openshift get the following error regarding podSecurity, the question is where to change that podSecurity? ``` 2024-01-02T09:23:51Z INFO Setting default settings for SolrCloud {"controller": "solrcloud", "controllerGroup": "solr.apache.org", "controllerKind": "SolrCloud", "SolrCloud": {"name":"solr","namespace":"vizone-dev"}, "namespace": "vizone-dev", "name": "solr", "reconcileID": "30cc6979-4cbf-404b-99c9-d4b955569eba"} 2024-01-02T09:23:51Z INFO Creating Zookeeer Cluster {"controller": "solrcloud", "controllerGroup": "solr.apache.org", "controllerKind": "SolrCloud", "SolrCloud": {"name":"solr","namespace":"vizone-dev"}, "namespace": "vizone-dev", "name": "solr", "reconcileID": "3f8781bc-dd1d-4693-a07d-3432d18b5941", "zookeeperCluster": "solr-solrcloud-zookeeper"} 2024-01-02T09:23:51Z INFO Creating Common Service {"controller": "solrcloud", "controllerGroup": "solr.apache.org", "controllerKind": "SolrCloud", "SolrCloud": {"name":"solr","namespace":"vizone-dev"}, "namespace": "vizone-dev", "name": "solr", "reconcileID": "3f8781bc-dd1d-4693-a07d-3432d18b5941", "service": "solr-solrcloud-common"} 2024-01-02T09:23:51Z INFO Creating Headless Service {"controller": "solrcloud", "controllerGroup": "solr.apache.org", "controllerKind": "SolrCloud", "SolrCloud": {"name":"solr","namespace":"vizone-dev"}, "namespace": "vizone-dev", "name": "solr", "reconcileID": "3f8781bc-dd1d-4693-a07d-3432d18b5941", "service": "solr-solrcloud-headless"} 2024-01-02T09:23:51Z INFO Creating ConfigMap {"controller": "solrcloud", "controllerGroup": "solr.apache.org", "controllerKind": "SolrCloud", "SolrCloud": {"name":"solr","namespace":"vizone-dev"}, "namespace": "vizone-dev", "name": "solr", "reconcileID": "3f8781bc-dd1d-4693-a07d-3432d18b5941", "configMap": "solr-solrcloud-configmap"} 2024-01-02T09:23:51Z INFO Creating StatefulSet {"controller": "solrcloud", "controllerGroup": "solr.apache.org", "controllerKind": "SolrCloud", "SolrCloud": {"name":"solr","namespace":"vizone-dev"}, "namespace": "vizone-dev", "name": "solr", "reconcileID": "3f8781bc-dd1d-4693-a07d-3432d18b5941", "statefulSet": "solr-solrcloud"} 2024-01-02T09:23:51Z INFO KubeAPIWarningLogger would violate PodSecurity "restricted:v1.24": allowPrivilegeEscalation != false (containers "cp-solr-xml", "solrcloud-node" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "cp-solr-xml", "solrcloud-node" must set securityContext.capabilities.drop=["ALL"]) ``` Tried to change the security context via solr helm values.yaml like this : ``` podOptions: podSecurityContext: # allowPrivilegeEscalation: false # capabilities: # drop: # - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault ``` But could not set allowPrivilegeEscalation and capabilities there. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org