Fix pod security context

[matejvasek]

Changes

• 🗑️ Reverted commit: "Use jobs not plain pods for auxiliary tasks".
• 🗑️ Removed openshift package and moved functionality elsewhere to avoid circular package dependencies.
• 🐛 Fix pod security context -- set uid,git,fsgropu only on non-OpenShift.

[knative-prow]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[knative-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: matejvasek

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [matejvasek]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[matejvasek]

PTAL @grafvonb

[codecov]

Codecov Report

Patch coverage: 70.00% and project coverage change: -2.06% ⚠️

Comparison is base (a2834c2) 61.95% compared to head (23b9b32) 59.90%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1889      +/-   ##
==========================================
- Coverage   61.95%   59.90%   -2.06%     
==========================================
  Files         106      106              
  Lines       13801    13802       +1     
==========================================
- Hits         8551     8268     -283     
- Misses       4397     4686     +289     
+ Partials      853      848       -5     

Flag	Coverage Δ
e2e-test	?
e2e-test-oncluster	30.75% <53.33%> (+0.04%)	⬆️
e2e-test-oncluster-runtime	25.66% <8.66%> (?)
integration-tests	51.47% <63.33%> (+2.21%)	⬆️
unit-tests-macos-latest	?
unit-tests-ubuntu-latest	49.46% <1.33%> (-0.54%)	⬇️
unit-tests-windows-latest	?

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
pkg/config/config.go	85.09% <0.00%> (ø)
pkg/k8s/openshift.go	17.69% <10.34%> (ø)
pkg/http/openshift.go	44.44% <44.44%> (ø)
cmd/client.go	88.75% <50.00%> (ø)
pkg/k8s/security_context.go	89.28% <89.28%> (ø)
pkg/k8s/dialer.go	78.48% <94.44%> (+1.24%)	⬆️
pkg/k8s/persistent_volumes.go	71.79% <100.00%> (+1.12%)	⬆️

... and 23 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[grafvonb]

@matejvasek lgtm, it works as expected. The current version from main does not.

❯ ./func deploy --remote -v -p func-node-11-remote
Creating Pipeline resources
Running Pipeline Task: Building function image on the cluster
Running Pipeline Task: Deploying function to the cluster
✅ Function deployed in namespace "knative-func" and exposed at URL: 
   http://func-node-11-remote.knative-func.52.29.113.237.sslip.io

[matejvasek]

PTAL @jrangelramos @lance

[lance]

/lgtm

[matejvasek]

@lance this requires test override.

[lance]

/override "Unit Test (1.20.2, 17, windows-latest)"

[knative-prow]

@lance: Overrode contexts on behalf of lance: Unit Test (1.20.2, 17, windows-latest)

In response to this:

/override "Unit Test (1.20.2, 17, windows-latest)"

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.