From 98c8ec6ae27e67346075720458304141d9870323 Mon Sep 17 00:00:00 2001 From: Vincent Demeester Date: Fri, 10 Feb 2023 16:06:10 +0100 Subject: [PATCH] =?UTF-8?q?Update=20OpenShift=20pipelines-install=20instru?= =?UTF-8?q?ction=E2=80=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The current documentation doesn't work with OpenShift because of the `securityContext.runAsUser` that comes in the way of the default behavior of OpenShift. This fixes that. Signed-off-by: Vincent Demeester --- content/en/vendor/redhat/pipelines-install.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/content/en/vendor/redhat/pipelines-install.md b/content/en/vendor/redhat/pipelines-install.md index 674206fd..1d67bb9e 100644 --- a/content/en/vendor/redhat/pipelines-install.md +++ b/content/en/vendor/redhat/pipelines-install.md @@ -19,10 +19,14 @@ Constraints][security-con] for more information. ``` 1. Install Tekton Pipelines: + Because OpenShift uses random user id (and user id range per namespace) for pods, we need to remove the `securityContext.runAsUser` and `securityContext.runAsGroup` from any container from the release.yaml. + You will need to have [`yq`](https://mikefarah.gitbook.io/yq/) installed for this to work. Another way would be to download the yaml, search and replace (here replace with nothing) in your favourite editor. + ```bash - oc apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml + curl https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml | yq 'del(.spec.template.spec.containers[].securityContext.runAsUser, .spec.template.spec.containers[].securityContext.runAsGroup)' | oc apply -f - ``` + See the [OpenShift CLI documentation][openshift-cli] for more information on the `oc` command.