fix: update mariadb operator version, fix lmeval minio-copy-pod securityContext

adolfo-ab · adolfo-ab · commit 96ce3f0e9466 · 2025-07-29T12:19:57.000+02:00
diff --git a/tests/conftest.py b/tests/conftest.py
@@ -667,7 +667,7 @@ def installed_mariadb_operator(admin_client: DynamicClient) -> Generator[None, A
             operator_namespace=operator_ns.name,
             timeout=Timeout.TIMEOUT_15MIN,
             install_plan_approval="Manual",
-            starting_csv=f"{operator_name}.v0.38.1",
+            starting_csv=f"{operator_name}.v25.8.1",
         )
 
         deployment = Deployment(
diff --git a/tests/model_explainability/lm_eval/conftest.py b/tests/model_explainability/lm_eval/conftest.py
@@ -350,6 +350,12 @@ def lmeval_minio_copy_pod(
                 "command": ["/bin/sh", "-c"],
                 "args": ["cp -r /mnt/data /shared"],
                 "volumeMounts": [{"name": "shared-data", "mountPath": "/shared"}],
+                "securityContext": {
+                    "allowPrivilegeEscalation": False,
+                    "capabilities": {"drop": ["ALL"]},
+                    "runAsNonRoot": True,
+                    "seccompProfile": {"type": "RuntimeDefault"},
+                },
             }
         ],
         containers=[
@@ -358,12 +364,20 @@ def lmeval_minio_copy_pod(
                 "image": "quay.io/minio/mc@sha256:470f5546b596e16c7816b9c3fa7a78ce4076bb73c2c73f7faeec0c8043923123",
                 "command": ["/bin/sh", "-c"],
                 "args": [
+                    # Set a writable config dir to avoid permission errors when running as non-root
+                    f"export MC_CONFIG_DIR=/shared/.mc && "
                     f"mc alias set myminio http://{minio_service.name}:{MinIo.Metadata.DEFAULT_PORT} "
-                    f"{MinIo.Credentials.ACCESS_KEY_VALUE} {MinIo.Credentials.SECRET_KEY_VALUE} &&\n"
-                    "mc mb --ignore-existing myminio/models &&\n"
+                    f"{MinIo.Credentials.ACCESS_KEY_VALUE} {MinIo.Credentials.SECRET_KEY_VALUE} && "
+                    "mc mb --ignore-existing myminio/models && "
                     "mc cp --recursive /shared/data/ myminio/models"
                 ],
                 "volumeMounts": [{"name": "shared-data", "mountPath": "/shared"}],
+                "securityContext": {
+                    "allowPrivilegeEscalation": False,
+                    "capabilities": {"drop": ["ALL"]},
+                    "runAsNonRoot": True,
+                    "seccompProfile": {"type": "RuntimeDefault"},
+                },
             }
         ],
         wait_for_resource=True,

Original file line number	Diff line number	Diff line change
`@@ -667,7 +667,7 @@ def installed_mariadb_operator(admin_client: DynamicClient) -> Generator[None, A`
`667`	`667`	`operator_namespace=operator_ns.name,`
`668`	`668`	`timeout=Timeout.TIMEOUT_15MIN,`
`669`	`669`	`install_plan_approval="Manual",`
`670`		`- starting_csv=f"{operator_name}.v0.38.1",`
	`670`	`+ starting_csv=f"{operator_name}.v25.8.1",`
`671`	`671`	`)`
`672`	`672`
`673`	`673`	`deployment = Deployment(`