Capability SYS_ADMIN is published as removed in changelog, but is still in factory method

Question

Capability SYS_ADMIN is published as removed in changelog, but is still in factory method

mmerrill3 opened this issue a year ago · 1 comments

Describe the bug
Capability SYS_ADMIN is published as removed in changelog, but is still in factory method. If the privilege is not necessary, remove this from the factory methods that create the daemonsets.

Environment
Daemonsets are using the SYS_ADMIN capability, but according the CHANGELOG, this was removed.

Trident version: v23.07.1

To Reproduce
Daemonsets are produced today with pods that require SYS_ADMIN privileges, which is too broad.

Expected behavior
Pods from the daemonset will not require SYS_ADMIN privileges.

Additional context
Add any other context about the problem here.