chore: Remove hardcoded uid and gid

lfrancke · lfrancke · commit 218f2782a1e6 · 2025-05-27T16:06:44.000+02:00
diff --git a/rust/operator-binary/src/kafka_controller.rs b/rust/operator-binary/src/kafka_controller.rs
@@ -97,9 +97,6 @@ use crate::{
 pub const KAFKA_CONTROLLER_NAME: &str = "kafkacluster";
 pub const KAFKA_FULL_CONTROLLER_NAME: &str = concatcp!(KAFKA_CONTROLLER_NAME, '.', OPERATOR_NAME);
 
-/// Used as runAsUser in the pod security context. This is specified in the kafka image file
-pub const KAFKA_UID: i64 = 1000;
-
 pub struct Ctx {
     pub client: stackable_operator::client::Client,
     pub product_config: ProductConfigManager,
@@ -1088,13 +1085,7 @@ fn build_broker_rolegroup_statefulset(
         )
         .context(AddVolumeSnafu)?
         .service_account_name(service_account.name_any())
-        .security_context(
-            PodSecurityContextBuilder::new()
-                .run_as_user(KAFKA_UID)
-                .run_as_group(0)
-                .fs_group(1000)
-                .build(),
-        );
+        .security_context(PodSecurityContextBuilder::new().fs_group(1000).build());
 
     // Add vector container after kafka container to keep the defaulting into kafka container
     if merged_config.logging.enable_vector_agent {
diff --git a/tests/templates/kuttl/kerberos/30-access-kafka.txt.j2 b/tests/templates/kuttl/kerberos/30-access-kafka.txt.j2
@@ -66,8 +66,6 @@ spec:
                 volumeMode: Filesystem
       securityContext:
         fsGroup: 1000
-        runAsGroup: 1000
-        runAsUser: 1000
       restartPolicy: OnFailure
 ---
 apiVersion: v1
diff --git a/tests/templates/kuttl/tls/31_test-tls-job.yaml.j2 b/tests/templates/kuttl/tls/31_test-tls-job.yaml.j2
@@ -90,7 +90,5 @@ spec:
                     storage: "1"
       securityContext:
         fsGroup: 1000
-        runAsGroup: 1000
-        runAsUser: 1000
       serviceAccountName: test-sa
       restartPolicy: OnFailure
diff --git a/tests/test-definition.yaml b/tests/test-definition.yaml
@@ -6,17 +6,10 @@
 dimensions:
   - name: kafka
     values:
-      - 3.7.2
-      - 3.9.0
-      # Alternatively, if you want to use a custom image, append a comma and the full image name to the product version
-      # as in the example below.
-      # - 3.8.0,oci.stackable.tech/sdp/kafka:3.8.0-stackable0.0.0-dev
+      - 3.9.0,localhost:5000/sdp/kafka:3.9.0-stackable0.0.0-dev
   - name: kafka-latest
     values:
-      - 3.7.2 # Using LTS version here
-      # Alternatively, if you want to use a custom image, append a comma and the full image name to the product version
-      # as in the example below.
-      # - 3.7.2,oci.stackable.tech/sdp/kafka:3.7.2-stackable0.0.0-dev
+      - 3.9.0,localhost:5000/sdp/kafka:3.9.0-stackable0.0.0-dev
   - name: zookeeper
     values:
       - 3.9.3
@@ -28,7 +21,7 @@ dimensions:
       - 3.7.2
   - name: upgrade_new
     values:
-      - 3.9.0
+      - 3.9.0,localhost:5000/sdp/kafka:3.9.0-stackable0.0.0-dev
   - name: use-client-tls
     values:
       - "true"
