From f2709267897a8b879b092451ac94492ceb85d04f Mon Sep 17 00:00:00 2001 From: Rabi Mishra Date: Mon, 19 Sep 2022 15:09:49 +0530 Subject: [PATCH] Use custom seccomp profile for ephemeral heat pod Depends-On: https://review.opendev.org/c/openstack/tripleo-heat-templates/+/858611 Change-Id: Iaf4e72db7dd9ffc453d5540aa9495c3fd5a56aa4 (cherry picked from commit 4c4612e8dad053578193dc081b31fb519408013d) --- templates/ephemeral-heat/heat-pod.yaml.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/ephemeral-heat/heat-pod.yaml.j2 b/templates/ephemeral-heat/heat-pod.yaml.j2 index f80f51661..c9965f322 100644 --- a/templates/ephemeral-heat/heat-pod.yaml.j2 +++ b/templates/ephemeral-heat/heat-pod.yaml.j2 @@ -4,6 +4,8 @@ metadata: labels: app: {{ heat_pod_name }} name: {{ heat_pod_name }} + annotations: + seccomp.security.alpha.kubernetes.io/pod: localhost/seccomp_allow.json spec: containers: - command: