From c131f0d0da4b7862621f96cbd8f1dab8652932a5 Mon Sep 17 00:00:00 2001
From: Piyush Garg <pgarg@redhat.com>
Date: Mon, 17 Apr 2023 18:05:02 +0530
Subject: [PATCH] Keep securitycontext fields simple in e2e

This will make securitycontext fields to be simple and easy in e2e
so that tests can be run on different platform like openshift
where runasUser 65532 and 2000 etc can fail, here we are just checking the
conversion of fields so simple configuration will also
do the job
---
 test/conversion_test.go | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/test/conversion_test.go b/test/conversion_test.go
index eb06f84b006..f2ffc5f6f98 100644
--- a/test/conversion_test.go
+++ b/test/conversion_test.go
@@ -82,7 +82,7 @@ spec:
         mountPath: /messages
     imagePullPolicy: IfNotPresent
     securityContext: 
-      runAsUser: 2000
+      runAsNonRoot: true
     timeout: 60s
     secret:
       secretName: test-ssh-credentials
@@ -110,7 +110,7 @@ spec:
       mountPath: /messages
     imagePullPolicy: IfNotPresent
     securityContext: 
-        runAsUser: 2000
+        runAsNonRoot: true
   sidecars:
   - name: server
     image: alpine/git:v2.26.2
@@ -133,7 +133,7 @@ spec:
     readinessProbe:
       periodSeconds: 1
     securityContext:
-      runAsUser: 0
+      runAsNonRoot: true
     volumeMounts:
     - name: messages
       mountPath: /messages
@@ -180,7 +180,7 @@ spec:
         mountPath: /messages
     imagePullPolicy: IfNotPresent
     securityContext: 
-      runAsUser: 2000
+      runAsNonRoot: true
     timeout: 60s
     secret:
       secretName: test-ssh-credentials
@@ -201,7 +201,7 @@ spec:
       mountPath: /messages
     imagePullPolicy: IfNotPresent
     securityContext: 
-        runAsUser: 2000
+        runAsNonRoot: true
   sidecars:
   - name: server
     image: alpine/git:v2.26.2
@@ -224,7 +224,7 @@ spec:
     - name: messages
       mountPath: /messages
     securityContext:
-      runAsUser: 0
+      runAsNonRoot: true
     script: echo test
   volumes:
     - name: messages
@@ -274,7 +274,7 @@ spec:
   timeout: 60s
   podTemplate:
     securityContext:
-      fsGroup: 65532
+      runAsNonRoot: true
   workspaces:
   - name: password-vault
   finally:
@@ -328,7 +328,7 @@ spec:
   timeout: 60s
   podTemplate:
     securityContext:
-      fsGroup: 65532
+      runAsNonRoot: true
   workspaces:
   - name: password-vault
   finally:
@@ -375,7 +375,7 @@ spec:
       emptyDir: {}
   podTemplate:
     securityContext:
-      fsGroup: 65532
+      allowPrivilegeEscalation: false
 `
 
 	v1beta1TaskRunExpectedYaml = `
@@ -392,7 +392,7 @@ spec:
   timeout: 60s
   podTemplate:
     securityContext:
-      fsGroup: 65532
+      allowPrivilegeEscalation: false
   taskSpec:
     steps:
     - computeResources: {}
@@ -444,7 +444,7 @@ spec:
   timeout: 60s
   podTemplate:
     securityContext:
-      fsGroup: 65532
+      allowPrivilegeEscalation: false
   workspaces:
   - emptyDir: {}
     name: output     
@@ -474,7 +474,7 @@ spec:
   timeout: 60s
   podTemplate:
     securityContext:
-      fsGroup: 65532
+      allowPrivilegeEscalation: false
   workspaces:
     - emptyDir: {}
       name: output