-
Bug
-
Resolution: Done
-
High
-
Frankfurt Release
-
None
The daily scan shows that 2 SDNC related pods are still run as root
POD: onap-sdnc-dmaap-listener-58cc4697c8-8ztfs container: sdnc-dmaap-listener uid: 0(root)
POD: onap-sdnc-ueb-listener-686888f6fb-rqb4g container: sdnc-ueb-listener uid: 0(root)
I created a Jira for the ccsdk related pods but apparently I forget to create one for SDNC, it shall be covered anyway by an old OSGI ticket but it was missing for my tabel tracking this particular issue for Frankfurt.
The usual fix consists in creating a user in the docker build chain for the considered
dockers
+ SECCOM