From 343039dbf1393ee823b3ef0f99dd57466d6bdc92 Mon Sep 17 00:00:00 2001 From: Adam Kaplan Date: Thu, 10 Sep 2020 20:36:33 -0400 Subject: [PATCH] Grant Tekton additional privileges on OpenShift When deploying Tekton on openshift, grant the tekton-pipelines- controller use of the priveleged security context constraint. This will let the Tekton controller create privileged containers. Build strategies such as buildah currently require use of the priveleged SCC. Fixes #378 --- hack/install-tekton.sh | 44 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 4 deletions(-) diff --git a/hack/install-tekton.sh b/hack/install-tekton.sh index 6617f1f801..9c2608c294 100755 --- a/hack/install-tekton.sh +++ b/hack/install-tekton.sh @@ -14,9 +14,45 @@ TEKTON_VERSION="${TEKTON_VERSION:-v0.14.2}" TEKTON_HOST="github.com" TEKTON_HOST_PATH="tektoncd/pipeline/releases/download" - -echo "# Deploying Tekton Pipelines Operator '${TEKTON_VERSION}'" +PLATFORM="${1:-k8s}" +echo "# Deploying Tekton Pipelines Operator '${TEKTON_VERSION}' on ${PLATFORM}" kubectl apply \ - --filename="https://${TEKTON_HOST}/${TEKTON_HOST_PATH}/${TEKTON_VERSION}/release.yaml" \ - --output="yaml" + --filename="https://${TEKTON_HOST}/${TEKTON_HOST_PATH}/${TEKTON_VERSION}/release.notags.yaml" \ + --output="yaml" + +if [[ ${PLATFORM} == "openshift" ]]; then + echo "Granting additional privileges to the tekton-pipelines-controller" + kubectl apply -f - <