Update MinIo pod privileges to run on ocp 4.19 (#277)

rnetser · web-flow · commit eb7987221ef5 · 2025-04-29T11:13:58.000+05:30
* fix: add securityContext for minio pod

* fix: minio on 4.19
diff --git a/tests/conftest.py b/tests/conftest.py
@@ -440,6 +440,12 @@ def minio_pod(
                 ],
                 "image": request.param.get("image"),
                 "name": MinIo.Metadata.NAME,
+                "securityContext": {
+                    "allowPrivilegeEscalation": False,
+                    "capabilities": {"drop": ["ALL"]},
+                    "runAsNonRoot": True,
+                    "seccompProfile": {"type": "RuntimeDefault"},
+                },
             }
         ],
         label=pod_labels,
@@ -465,6 +471,7 @@ def minio_service(admin_client: DynamicClient, minio_namespace: Namespace) -> Ge
         selector={
             Labels.Openshift.APP: MinIo.Metadata.NAME,
         },
+        session_affinity="ClientIP",
     ) as minio_service:
         yield minio_service
 
