Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing SecurityContext for ProxySQL SidecarContainers #1775

Open
dlafcracy opened this issue Aug 3, 2024 · 0 comments
Open

Missing SecurityContext for ProxySQL SidecarContainers #1775

dlafcracy opened this issue Aug 3, 2024 · 0 comments
Labels
bug

Comments

@dlafcracy
Copy link

Report

I was trying to use PXC Operator to start a PXC and PXC ProxySQL.
I notied that sts created for ProxySQL did not included the security context for the sidecar containers as how the proxysql container has.

Will it be possible to include it?

More about the problem

Even on the main branch currently, it seems SecurityContext is actually used inside AppContainer but not in SidecarContainers.

Ref: https://github.com/percona/percona-xtradb-cluster-operator/blob/main/pkg/pxc/app/statefulset/proxysql.go

Steps to reproduce

  1. Start up a Kubernetes cluster hardened with Pod Security Admission Control
  2. Install PXC Operator with security context specified
  3. Create a PXC ProxySQL with security context specified

Versions

I want running these when I noticed the issue. But newer version seems to have similar issue.

  1. Kubernetes: 1.28.6
  2. Operator: 1.14.0
  3. Database: 8.0.35-27.1

Anything else?

No response
@dlafcracy dlafcracy added the bug label Aug 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dlafcracy