Merge pull request kubearmor#1788 from daemon1024/fix-operator-snitch

fix(snitch): use DirectoryOrCreate for apparmor mount in Snitch
Stan370 · Jun 24, 2024 · 1fc5a38 · 1fc5a38
2 parents 9ce5979 + 7e9f139
commit 1fc5a38
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/pkg/KubeArmorOperator/common/defaults.go b/pkg/KubeArmorOperator/common/defaults.go
@@ -159,6 +159,7 @@ var ContainerRuntimeSocketMap = map[string][]string{
 }
 
 var HostPathDirectory = corev1.HostPathDirectory
+var HostPathDirectoryOrCreate = corev1.HostPathDirectoryOrCreate
 var HostPathSocket = corev1.HostPathSocket
 var HostPathFile = corev1.HostPathFile
 

diff --git a/pkg/KubeArmorOperator/internal/controller/resources.go b/pkg/KubeArmorOperator/internal/controller/resources.go
@@ -207,7 +207,6 @@ func genSnitchServiceAccount() *corev1.ServiceAccount {
 
 func deploySnitch(nodename string, runtime string) *batchv1.Job {
 	job := batchv1.Job{}
-	var HostPathDirectoryOrCreate = corev1.HostPathDirectoryOrCreate
 	job = *addOwnership(&job).(*batchv1.Job)
 	ttls := int32(100)
 	job.GenerateName = "kubearmor-snitch-"
@@ -307,7 +306,7 @@ func deploySnitch(nodename string, runtime string) *batchv1.Job {
 						VolumeSource: corev1.VolumeSource{
 							HostPath: &corev1.HostPathVolumeSource{
 								Path: "/etc/apparmor.d/",
-								Type: &common.HostPathDirectory,
+								Type: &common.HostPathDirectoryOrCreate,
 							},
 						},
 					},
@@ -334,7 +333,7 @@ func deploySnitch(nodename string, runtime string) *batchv1.Job {
 						VolumeSource: corev1.VolumeSource{
 							HostPath: &corev1.HostPathVolumeSource{
 								Path: "/var/lib/kubelet/seccomp",
-								Type: &HostPathDirectoryOrCreate,
+								Type: &common.HostPathDirectoryOrCreate,
 							},
 						},
 					},