Description of problem: Failed to prevent s2i builder images from running as root Version-Release number of selected component (if applicable): openshift v3.6.122 kubernetes v1.6.1+5115d708d7 How reproducible: Always Steps to Reproduce: 1.Build image with Dockerfile set instruction "USER 0" in it 2.Use above built image to do s2i build $ oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/build/tc499515/test-buildconfig-user0.json 3.Check build status Actual results: Build is completed Expected results: Build is failed with error in log: "must specify a user that is numeric and within the range of allowed users" Additional info:
David, any chance this is related to the scc/admission work you've been doing? I know you mentioned we're doing this in a weird way.
@bparees I don't think so. My work still hasn't merged: https://github.com/openshift/origin/pull/14775
PR: https://github.com/openshift/origin/pull/14891
Commit pushed to master at https://github.com/openshift/origin https://github.com/openshift/origin/commit/d186041d1a4a94b391c6783458e206b6d12f0557 pass an internal pod object to SCC admission control so it works https://bugzilla.redhat.com/show_bug.cgi?id=1464356 bug 1464356
Test with openshift v3.6.131 kubernetes v1.6.1+5115d708d7 etcd 3.2.1 build is failed, and show "must specify a user that is numeric and within the range of allowed users" in build log could move to verified