kubeflow · google-oss-prow · Jul 21, 2025 · Mar 13, 2025 · Mar 13, 2025 · Mar 15, 2025
diff --git a/.github/workflows/full_kubeflow_integration_test.yaml b/.github/workflows/full_kubeflow_integration_test.yaml
@@ -62,7 +62,7 @@
    - name: Install KServe
      run: ./tests/kserve_install.sh

    #- name: Install Pipelines
    #  run: ./tests/pipelines_install.sh

    - name: Install Pipelines with SeaweedFS
@@ -241,10 +241,6 @@
     - name: Apply Pod Security Standards Restricted
       run: ./tests/PSS_restricted_enable.sh
 
-    - name: Run Non-Root Test
-      run: |
-        [ -f "tests/runasnonroot.sh" ] && chmod +x tests/runasnonroot.sh && ./tests/runasnonroot.sh
-
     - name: Verify Components
       run: kubectl get pods --all-namespaces | grep -E '(Error|CrashLoopBackOff)' && exit 1 || true
 

diff --git a/applications/admission-webhook/upstream/base/deployment.yaml b/applications/admission-webhook/upstream/base/deployment.yaml
@@ -18,6 +18,15 @@ spec:
         ports:
         - name: https-webhook
           containerPort: 4443
+        securityContext:
+          runAsNonRoot: true
+          allowPrivilegeEscalation: false
+          runAsUser: 65532
+          seccompProfile:
+            type: RuntimeDefault
+          capabilities:
+            drop:
+            - ALL
       volumes:
       - name: webhook-cert
         secret:

diff --git a/applications/centraldashboard/upstream/base/deployment.yaml b/applications/centraldashboard/upstream/base/deployment.yaml
@@ -15,6 +15,9 @@ spec:
         app: centraldashboard
         sidecar.istio.io/inject: "true"
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
       - name: centraldashboard
         image: ghcr.io/kubeflow/kubeflow/central-dashboard
@@ -47,4 +50,11 @@ spec:
               fieldPath: metadata.namespace
         - name: COLLECT_METRICS
           value: CD_COLLECT_METRICS
+        securityContext:
+          runAsNonRoot: true
+          allowPrivilegeEscalation: false
+          runAsUser: 1000
+          capabilities:
+            drop:
+            - ALL
       serviceAccountName: centraldashboard
diff --git a/applications/jupyter/jupyter-web-app/upstream/base/deployment.yaml b/applications/jupyter/jupyter-web-app/upstream/base/deployment.yaml
@@ -6,6 +6,9 @@ spec:
   replicas: 1
   template:
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
       - name: jupyter-web-app
         image: ghcr.io/kubeflow/kubeflow/jupyter-web-app
@@ -29,6 +32,13 @@ spec:
           value: $(JWA_APP_SECURE_COOKIES)
         - name: METRICS
           value: $(JWA_APP_ENABLE_METRICS)
+        securityContext:
+          runAsNonRoot: true
+          allowPrivilegeEscalation: false
+          runAsUser: 1000
+          capabilities:
+            drop:
+            - ALL
       serviceAccountName: service-account
       volumes:
       - configMap:

diff --git a/applications/jupyter/notebook-controller/upstream/manager/manager.yaml b/applications/jupyter/notebook-controller/upstream/manager/manager.yaml
@@ -16,6 +16,9 @@ spec:
         app: notebook-controller
         kustomize.component: notebook-controller
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
       - name: manager
         image: ghcr.io/kubeflow/kubeflow/notebook-controller
@@ -70,4 +73,11 @@ spec:
             port: 8081
           initialDelaySeconds: 5
           periodSeconds: 10
+        securityContext:
+          runAsNonRoot: true
+          allowPrivilegeEscalation: false
+          runAsUser: 1000
+          capabilities:
+            drop:
+            - ALL
       serviceAccountName: service-account
diff --git a/applications/katib/upstream/components/controller/controller.yaml b/applications/katib/upstream/components/controller/controller.yaml
@@ -58,6 +58,15 @@ spec:
               name: katib-config
               subPath: katib-config.yaml
               readOnly: true
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            runAsUser: 1000
+            seccompProfile:
+              type: RuntimeDefault
+            capabilities:
+              drop:
+              - ALL
       volumes:
         - name: cert
           secret:

diff --git a/applications/katib/upstream/components/db-manager/db-manager.yaml b/applications/katib/upstream/components/db-manager/db-manager.yaml
@@ -39,3 +39,12 @@ spec:
             initialDelaySeconds: 10
             periodSeconds: 60
             failureThreshold: 5
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            runAsUser: 1000
+            seccompProfile:
+              type: RuntimeDefault
+            capabilities:
+              drop:
+              - ALL
diff --git a/applications/katib/upstream/components/mysql/mysql.yaml b/applications/katib/upstream/components/mysql/mysql.yaml
@@ -19,6 +19,9 @@ spec:
         katib.kubeflow.org/component: mysql
         sidecar.istio.io/inject: "false"
     spec:
+      securityContext:
+        fsGroup: 999
+        fsGroupChangePolicy: OnRootMismatch
       containers:
         - name: katib-mysql
           image: mysql:8.0.29
@@ -67,6 +70,16 @@ spec:
           volumeMounts:
             - name: katib-mysql
               mountPath: /var/lib/mysql
+          securityContext:
+            allowPrivilegeEscalation: false
+            seccompProfile:
+              type: RuntimeDefault
+            runAsNonRoot: true
+            runAsUser: 999
+            runAsGroup: 999
+            capabilities:
+              drop:
+              - ALL
       volumes:
         - name: katib-mysql
           persistentVolumeClaim:

diff --git a/applications/katib/upstream/components/ui/ui.yaml b/applications/katib/upstream/components/ui/ui.yaml
@@ -17,6 +17,9 @@ spec:
         katib.kubeflow.org/component: ui
         sidecar.istio.io/inject: "false"
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
         - name: katib-ui
           image: ghcr.io/kubeflow/katib/katib-ui
@@ -32,4 +35,11 @@ spec:
           ports:
             - name: ui
               containerPort: 8080
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            runAsUser: 1000
+            capabilities:
+              drop:
+              - ALL
       serviceAccountName: katib-ui
diff --git a/applications/kserve/kserve/kserve_kubeflow.yaml b/applications/kserve/kserve/kserve_kubeflow.yaml
@@ -32908,6 +32908,8 @@ spec:
             runAsNonRoot: true
       securityContext:
         runAsNonRoot: true
+        seccompProfile:
+          type: RuntimeDefault
       serviceAccountName: kserve-controller-manager
       terminationGracePeriodSeconds: 10
       volumes:
@@ -32971,6 +32973,8 @@ spec:
             runAsNonRoot: true
       securityContext:
         runAsNonRoot: true
+        seccompProfile:
+          type: RuntimeDefault
       serviceAccountName: kserve-localmodel-controller-manager
       terminationGracePeriodSeconds: 10
 ---

diff --git a/...arty/argo/upstream/manifests/base/workflow-controller/workflow-controller-deployment.yaml b/...arty/argo/upstream/manifests/base/workflow-controller/workflow-controller-deployment.yaml
@@ -49,5 +49,7 @@ spec:
             timeoutSeconds: 30
       securityContext:
         runAsNonRoot: true
+        seccompProfile:
+          type: RuntimeDefault
       nodeSelector:
         kubernetes.io/os: linux
diff --git a/applications/profiles/upstream/overlays/kubeflow/patches/kfam.yaml b/applications/profiles/upstream/overlays/kubeflow/patches/kfam.yaml
@@ -8,6 +8,9 @@ spec:
       labels:
         sidecar.istio.io/inject: "true"
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
       - command:
         - /access-management
@@ -35,8 +38,6 @@ spec:
           protocol: TCP
         securityContext:
           allowPrivilegeEscalation: false
-          seccompProfile:
-            type: RuntimeDefault
           runAsNonRoot: true
           capabilities:
             drop:

diff --git a/...cations/tensorboard/tensorboard-controller/upstream/default/manager_auth_proxy_patch.yaml b/...cations/tensorboard/tensorboard-controller/upstream/default/manager_auth_proxy_patch.yaml
@@ -19,6 +19,11 @@ spec:
             - containerPort: 8443
               protocol: TCP
               name: https
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+              - ALL
           resources:
             limits:
               cpu: 500m

diff --git a/applications/tensorboard/tensorboard-controller/upstream/manager/manager.yaml b/applications/tensorboard/tensorboard-controller/upstream/manager/manager.yaml
@@ -26,13 +26,18 @@ spec:
       securityContext:
         runAsNonRoot: true
         runAsUser: 999
+        seccompProfile:
+          type: RuntimeDefault
       containers:
         - command:
             - /manager
           image: ghcr.io/kubeflow/kubeflow/tensorboard-controller
           name: manager
           securityContext:
             allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+              - ALL
           livenessProbe:
             httpGet:
               path: /healthz

diff --git a/applications/tensorboard/tensorboards-web-app/upstream/base/deployment.yaml b/applications/tensorboard/tensorboards-web-app/upstream/base/deployment.yaml
@@ -6,6 +6,9 @@ spec:
   replicas: 1
   template:
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
       - name: tensorboards-web-app
         image: ghcr.io/kubeflow/kubeflow/tensorboards-web-app
@@ -22,4 +25,11 @@ spec:
           value: $(TWA_APP_SECURE_COOKIES)
         - name: METRICS
           value: $(TWA_APP_ENABLE_METRICS)
+        securityContext:
+          runAsNonRoot: true
+          allowPrivilegeEscalation: false
+          runAsUser: 1000
+          capabilities:
+            drop:
+            - ALL
       serviceAccountName: service-account
diff --git a/applications/training-operator/upstream/base/deployment.yaml b/applications/training-operator/upstream/base/deployment.yaml
@@ -15,6 +15,9 @@ spec:
         control-plane: kubeflow-training-operator
         sidecar.istio.io/inject: "false"
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
         - command:
             - /manager
@@ -36,6 +39,11 @@ spec:
                   fieldPath: metadata.name
           securityContext:
             allowPrivilegeEscalation: false
+            runAsUser: 1000
+            runAsNonRoot: true
+            capabilities:
+              drop:
+              - ALL
           volumeMounts:
             - mountPath: /tmp/k8s-webhook-server/serving-certs
               name: cert

diff --git a/applications/volumes-web-app/upstream/base/deployment.yaml b/applications/volumes-web-app/upstream/base/deployment.yaml
@@ -6,6 +6,9 @@ spec:
   replicas: 1
   template:
     spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
       containers:
       - name: volumes-web-app
         image: ghcr.io/kubeflow/kubeflow/volumes-web-app
@@ -24,6 +27,13 @@ spec:
           value: filebrowser/filebrowser:v2.25.0
         - name: METRICS
           value: $(VWA_APP_ENABLE_METRICS)
+        securityContext:
+          runAsNonRoot: true
+          allowPrivilegeEscalation: false
+          runAsUser: 1000
+          capabilities:
+            drop:
+            - ALL
         volumeMounts: 
         - name: viewer-spec
           mountPath: /etc/config/viewer-spec.yaml

diff --git a/common/istio/cluster-local-gateway/base/kustomization.yaml b/common/istio/cluster-local-gateway/base/kustomization.yaml
@@ -10,3 +10,4 @@ resources:
 
 patches:
 - path: patches/remove-pdb.yaml
+- path: patches/seccomp-cluster-local-gateway.yaml
diff --git a/common/istio/cluster-local-gateway/base/patches/seccomp-cluster-local-gateway.yaml b/common/istio/cluster-local-gateway/base/patches/seccomp-cluster-local-gateway.yaml
@@ -0,0 +1,11 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cluster-local-gateway
+  namespace: istio-system
+spec:
+  template:
+    spec:
+      securityContext:
+        seccompProfile:
+          type: RuntimeDefault
diff --git a/tests/PSS_restricted_enable.sh b/tests/PSS_restricted_enable.sh
@@ -6,10 +6,11 @@ for NAMESPACE in "${NAMESPACES[@]}"; do
     if kubectl get namespace "$NAMESPACE" >/dev/null 2>&1; then
         PATCH_OUTPUT=$(kubectl label namespace $NAMESPACE pod-security.kubernetes.io/enforce=restricted --overwrite 2>&1)
         if echo "$PATCH_OUTPUT" | grep -q "violate the new PodSecurity"; then
-            echo "WARNING: PSS violation detected for namespace $NAMESPACE"
+            echo "ERROR: PSS violation detected for namespace $NAMESPACE"
             echo "$PATCH_OUTPUT" | grep -A 5 "violate the new PodSecurity"
+            exit 1
         else
             echo "✅ Namespace '$NAMESPACE' labeled successfully."
         fi
     fi
-done
+done
Original file line number	Diff line number	Diff line change
Expand Up		@@ -10,3 +10,4 @@ resources:

		patches:
		- path: patches/remove-pdb.yaml
		- path: patches/seccomp-cluster-local-gateway.yaml