Git Product home page Git Product logo

Comments (5)

ChristianCiach avatar ChristianCiach commented on September 12, 2024 1

Your securityContext is invalid. None of the attributes you specified are allowed in a PodSecurityContext. These are only valid attributes for a (Container)SecurityContext, so you'll need to move your securityContext inside your container definition.

from argo-cd.

nitishfy avatar nitishfy commented on September 12, 2024

Hi @artemus717 , thanks for raising this issue. I tried to reproduce this and my application gets in sync state inspite of using a security context. Here is the deployment manifest that I used:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: "nginx:1.16.0"
          imagePullPolicy: IfNotPresent
          securityContext:
            allowPrivilegeEscalation: true
            capabilities:
              add:
                - ALL
            privileged: true
            readOnlyRootFilesystem: false
            runAsNonRoot: false
            runAsUser: 0
          ports:
            - containerPort: 80

image

from argo-cd.

svghadi avatar svghadi commented on September 12, 2024

If I am not wrong, securityContext cannot be edited once a pod is created. Looking at the diff, looks like your pod is already present on the cluster and you are trying to modify the securityContext. Can you share the Sync Error message?

Argo CD by default does a kubectl apply on the resource, therefore it could fail if the pod is already present on the cluster. You can change this behaviour using sync options. Probably, a manual sync with replace and force sync option selected, should fix it i.e it will delete and recreate the pod with new securityContext.

from argo-cd.

artemus717 avatar artemus717 commented on September 12, 2024

Hi @svghadi Thanks for response. I tried delete deployment and sync again, but securityContext did not synced to online. And there are no error message in argocd-server, system calls response 200, but just no sync action.
I will try to remove deployment again and replace and force sync option.

from argo-cd.

artemus717 avatar artemus717 commented on September 12, 2024

@ChristianCiach Yes, you are correct, it works now.
@ChristianCiach @svghadi @nitishfy Thanks for you help.

from argo-cd.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.