Open

You will learn

How to configure ThreadFix to run on OpenShift.

Prerequisites

Audience: IT Professional
Difficulty: Intermediate
Time needed: Approximately 10 minutes
Tools required: N/A

In order to run ThreadFix on OpenShift there are a few special considerations. With the default Security Context Constraints, pods must be configured to run under certain user and group IDs. The following describes how to get the default UID and GID range and apply them to the ThreadFix installation.

1. Determine the valid UID range for the project:

   oc get project <project_name> -o yaml

   
   The output will appear like below:

   apiVersion: project.openshift.io/v1 kind: Project metadata: annotations: openshift.io/description: "" openshift.io/display-name: "" openshift.io/requester: kube:admin openshift.io/sa.scc.mcs: s0:c25,c0 openshift.io/sa.scc.supplemental-groups: 1000600000/10000 openshift.io/sa.scc.uid-range: 1000600000/10000

   The values openshift.io/sa.scc.uid-range and openshift.io/sa.scc.supplemental-groups will be needed for setting the appropriate <uid> and <gid> in the following step.
   
   

2. Create a ‘myValues’ directory (if it does not exist).

   mkdir -p myValues

    

3. Create a file named “openshift.yaml” with the following contents (replace <uid> and <gid> with valid values in the above range):

    

4. Finish any other tasks from the Installation Checklist , then Install with Helm.

Table of Contents