Skip to content

Commit 5805b27

Browse files
camilamacedo86camilamacedo86
committed
Add extra info about SecurityContext field for CatalogSources
1 parent 49ba338 commit 5805b27

File tree

2 files changed

+6
-0
lines changed

2 files changed

+6
-0
lines changed

crds/operators.coreos.com_catalogsources.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1025,6 +1025,9 @@ spec:
10251025
will be configured as if `restricted` was specified. Otherwise, it will be configured as if `legacy` was
10261026
specified. Specifying a value other than `legacy` or `restricted` result in a validation error. When using older
10271027
catalog images, which can not run in `restricted` mode, the SecurityContextConfig should be set to `legacy`.
1028+
Important, Catalog Sources built with OPM versions < v1.21.0 will not be able to run in `restricted` mode, and should
1029+
be set to `legacy`. Catalog Sources built with OPM versions >= v1.21.0 will be able to run in `restricted` mode,
1030+
OLM releases >= v1.32.0 can only accept the restricted mode and will not accept the legacy mode.
10281031
10291032
More information about PSA can be found here: https://kubernetes.io/docs/concepts/security/pod-security-admission/
10301033
type: string

pkg/operators/v1alpha1/catalogsource_types.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -133,6 +133,9 @@ type GrpcPodConfig struct {
133133
// will be configured as if `restricted` was specified. Otherwise, it will be configured as if `legacy` was
134134
// specified. Specifying a value other than `legacy` or `restricted` result in a validation error. When using older
135135
// catalog images, which can not run in `restricted` mode, the SecurityContextConfig should be set to `legacy`.
136+
// Important, Catalog Sources built with OPM versions < v1.21.0 will not be able to run in `restricted` mode, and should
137+
// be set to `legacy`. Catalog Sources built with OPM versions >= v1.21.0 will be able to run in `restricted` mode,
138+
// OLM releases >= v1.32.0 can only accept the restricted mode and will not accept the legacy mode.
136139
//
137140
// More information about PSA can be found here: https://kubernetes.io/docs/concepts/security/pod-security-admission/
138141
// +optional

0 commit comments

Comments
 (0)