Error when setting `privileged: true` on a container service

Hi!

We have a test dependency container service that we’d like to run in privileged mode. This is the module:

kind: Module
type: container
name: test-vertica

include: []
image: vertica/vertica-ce:11.0.0-0

services:
  - name: test-vertica
    privileged: true

When I tried to deploy this service I get this error:

The Deployment "test-vertica" is invalid: spec.template.spec.containers[0].securityContext: Invalid value: core.SecurityContext{Capabilities:(*core.Capabilities)(nil),
Privileged:(*bool)(0xc01de443ba), SELinuxOptions:(*core.SELinuxOptions)(nil), WindowsOptions:(*core.WindowsSecurityContextOptions)(nil), RunAsUser:(*int64)(nil),
RunAsGroup:(*int64)(nil), RunAsNonRoot:(*bool)(nil), ReadOnlyRootFilesystem:(*bool)(nil), AllowPrivilegeEscalation:(*bool)(0xc01de443af), ProcMount:(*core.ProcMountType)(nil),
SeccompProfile:(*core.SeccompProfile)(nil)}: cannot set `allowPrivilegeEscalation` to false and `privileged` to true

But there isn’t an option to set allowPrivilegeEscalation on the service too. Am I missing something here?

Thanks!
Anna

Hi Anna! Thanks for the report—this is indeed a bug, and easy to fix. We’ll have a look right away.

1 Like

Ok, this should be fixed on the latest edge release: Releases · garden-io/garden · GitHub

You can run garden self-update edge to update to the latest edge release (or download directly from the releases page I linked to above).

Hope this helps—let us know if you have any more questions!

1 Like

That worked! Thank you so much for the blazing fast fix!

1 Like