We have a number of Openshift pipelines which were running fine, that have started failing following a cluster upgrade from Openshift 4.12.23 to 4.12.54
The pipelines all give the following error:
failed to create task run pod "xxxxxx-pipelinerun-vtrhv-fetch-source": pods "xxxxxx-pipelinerun-vtrhv-fetch-source-pod" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "prepare", "place-scripts", "step-clone" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "prepare", "place-scripts", "step-clone" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or containers "prepare", "place-scripts", "step-clone" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost"). Maybe missing or invalid Task openshift-pipelines/git-cloneI've tried creating a custom SCC and adding it to the service account running the pipeline task but nothing I do seems to resolve the issue, or even change the error message.
Any suggestions on things to try would be much appreciated.