From 70c08ea26b862fb646f2add5cb50c5d4394afbfe Mon Sep 17 00:00:00 2001
From: Pavel Lipsky <pavel.lipsky@dell.com>
Date: Tue, 16 Feb 2021 05:59:35 -0500
Subject: [PATCH] Extend functionality of Test Mode to enable privileged mode
 for Segment Store containers #507

---
 pkg/controller/config/config.go                | 1 +
 pkg/controller/pravega/pravega_segmentstore.go | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/pkg/controller/config/config.go b/pkg/controller/config/config.go
index 9179d88c9..d2958831b 100644
--- a/pkg/controller/config/config.go
+++ b/pkg/controller/config/config.go
@@ -14,4 +14,5 @@ package config
 // the following changes:
 // - Disables Pravega Controller minimum number of replicas
 // - Disables Segment Store minimum number of replicas
+// - Enable privilidged mode for Segment Store containters
 var TestMode bool
diff --git a/pkg/controller/pravega/pravega_segmentstore.go b/pkg/controller/pravega/pravega_segmentstore.go
index d5be844ef..1f3766b90 100644
--- a/pkg/controller/pravega/pravega_segmentstore.go
+++ b/pkg/controller/pravega/pravega_segmentstore.go
@@ -17,6 +17,7 @@ import (
 
 	api "github.com/pravega/pravega-operator/pkg/apis/pravega/v1beta1"
 	"github.com/pravega/pravega-operator/pkg/util"
+	"github.com/pravega/pravega-operator/pkg/controller/config"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	policyv1beta1 "k8s.io/api/policy/v1beta1"
@@ -149,6 +150,9 @@ func makeSegmentstorePodSpec(p *api.PravegaCluster) corev1.PodSpec {
 					PeriodSeconds:       15,
 					FailureThreshold:    4,
 				},
+				SecurityContext: &corev1.SecurityContext{
+					Privileged: &config.TestMode,
+				},
 			},
 		},
 		Affinity: p.Spec.Pravega.SegmentStorePodAffinity,