Avoid setting RunAsNonRoot to false explicitly (cloudnative-pg#923)

mnencia · jlong49 · web-flow · commit 8996277b3fa7 · 2022-10-26T12:36:08.000+02:00
Setting RunAsNonRoot explicitly to false is not only redundant, but it could trigger errors. Closes cloudnative-pg#922 Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com> Signed-off-by: John Long <john.long@enterprisedb.com> Co-authored-by: John Long <john.long@enterprisedb.com>
diff --git a/tests/utils/azurite.go b/tests/utils/azurite.go
@@ -150,7 +150,6 @@ func getAzuriteClientPod(namespace string) corev1.Pod {
 					SecurityContext: &corev1.SecurityContext{
 						AllowPrivilegeEscalation: pointer.Bool(false),
 						SeccompProfile:           &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
-						RunAsNonRoot:             pointer.Bool(false),
 					},
 				},
 			},
@@ -177,7 +176,6 @@ func getAzuriteClientPod(namespace string) corev1.Pod {
 				},
 			},
 			SecurityContext: &corev1.PodSecurityContext{
-				RunAsNonRoot:   pointer.Bool(false),
 				SeccompProfile: &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
 			},
 		},
diff --git a/tests/utils/curl.go b/tests/utils/curl.go
@@ -41,17 +41,13 @@ func CurlClient(namespace string) corev1.Pod {
 					SecurityContext: &corev1.SecurityContext{
 						AllowPrivilegeEscalation: pointer.Bool(false),
 						SeccompProfile:           &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
-						// Curl image doesn't have a numeric user, so it cannot have RunAsNonRoot set to true
-						RunAsNonRoot: pointer.Bool(false),
 					},
 				},
 			},
 			DNSPolicy:     corev1.DNSClusterFirst,
 			RestartPolicy: corev1.RestartPolicyAlways,
 			SecurityContext: &corev1.PodSecurityContext{
 				SeccompProfile: &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
-				// Curl image doesn't have a numeric user, so it cannot have RunAsNonRoot set to true
-				RunAsNonRoot: pointer.Bool(false),
 			},
 		},
 	}
diff --git a/tests/utils/minio.go b/tests/utils/minio.go
@@ -190,12 +190,10 @@ func MinioDefaultDeployment(namespace string, minioPVC corev1.PersistentVolumeCl
 							SecurityContext: &corev1.SecurityContext{
 								AllowPrivilegeEscalation: pointer.Bool(false),
 								SeccompProfile:           &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
-								RunAsNonRoot:             pointer.Bool(false),
 							},
 						},
 					},
 					SecurityContext: &corev1.PodSecurityContext{
-						RunAsNonRoot:   pointer.Bool(false),
 						SeccompProfile: &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
 					},
 				},
diff --git a/tests/utils/webapp.go b/tests/utils/webapp.go
@@ -71,14 +71,12 @@ func DefaultWebapp(namespace string, name string, rootCASecretName string, tlsSe
 						},
 					},
 					SecurityContext: &corev1.SecurityContext{
-						RunAsNonRoot:             pointer.Bool(false),
 						AllowPrivilegeEscalation: pointer.Bool(false),
 						SeccompProfile:           &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
 					},
 				},
 			},
 			SecurityContext: &corev1.PodSecurityContext{
-				RunAsNonRoot:   pointer.Bool(false),
 				SeccompProfile: &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
 			},
 		},
