Update the kubelet volume mount of non-root enabler container on the real object not on a copy of it

[ccojocar]

What type of PR is this?

/kind bug

What this PR does / why we need it:

Update the volume mount on the effective object of non-root-enabler container instead of a copy with no effect.

Which issue(s) this PR fixes:

Does this PR have test?

Special notes for your reviewer:

Does this PR introduce a user-facing change?

Update the volume mount on the effective object of non-root-enabler container instead of a copy with no effect.

[ccojocar]

/assign @saschagrunert

[codecov-commenter]

Codecov Report

Merging #1450 (3677728) into main (37bf104) will not change coverage.
The diff coverage is 0.00%.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1450   +/-   ##
=======================================
  Coverage   44.02%   44.02%           
=======================================
  Files          50       50           
  Lines        5667     5667           
=======================================
  Hits         2495     2495           
  Misses       3052     3052           
  Partials      120      120           

[ccojocar]

/retest

[ccojocar]

/retest

[ccojocar]

/test all

[ccojocar]

/retest

[ccojocar]

@saschagrunert gocritic seems to hang due to upgrade to Go 1.20:

wrapperFunc yodaStyleExpr]"
level=debug msg="[gocritic] Final used checks (105): [appendAssign appendCombine argOrder assignOp badCall badCond badLock badRegexp badSorting boolExprSimplify builtinShadow builtinShadowDecl captLocal caseOrder codegenComment commentFormatting commentedOutCode commentedOutImport defaultCaseOrder deferInLoop deferUnlambda deprecatedComment docStub dupArg dupBranchBody dupCase dupImport dupSubExpr dynamicFmtString elseif emptyDecl emptyFallthrough emptyStringTest equalFold evalOrder exitAfterDefer exposedSyncMutex externalErrorReassign filepathJoin flagDeref flagName hexLiteral httpNoBody hugeParam ifElseChain importShadow indexAlloc initClause ioutilDeprecated mapKey methodExprCall nestingReduce newDeref nilValReturn octalLiteral offBy1 paramTypeCombine preferDecodeRune preferFilepathJoin preferFprint preferStringWriter preferWriteByte ptrToRefParam rangeExprCopy rangeValCopy redundantSprint regexpMust regexpPattern regexpSimplify returnAfterHttpError ruleguard singleCaseSwitch sliceClear sloppyLen sloppyReassign sloppyTypeAssert sortSlice sprintfQuotedString sqlQuery stringConcatSimplify stringXbytes stringsCompare switchTrue syncMapLoadAndDelete timeCmpSimplify timeExprSimplify todoCommentWithoutDetail tooManyResultsChecker truncateCmp typeAssertChain typeDefFirst typeSwitchVar typeUnparen underef unlabelStmt unlambda unnamedResult unnecessaryBlock unnecessaryDefer unslice valSwap weakCond whyNoLint wrapperFunc yodaStyleExpr]"
level=debug msg="[gocritic] All checks are enabled"
Killed
make: *** [Makefile:359: verify-go-lint] Error 137

It is reproducible locally when running the verify with Go 1.20.

[saschagrunert]

/retest

[saschagrunert]

We have to wait for a new release of golangci-lint, but I expect to happen that sooner than later.

[ccojocar]

We have to wait for a new release of golangci-lint, but I expect to happen that sooner than later.

ok, this means the pull requests are blocked until a new release of golangci-lint is available?

[saschagrunert]

No, I think we can
/override pull-security-profiles-operator-verify

[k8s-ci-robot]

@saschagrunert: Overrode contexts on behalf of saschagrunert: pull-security-profiles-operator-verify

In response to this:

No, I think we can
/override pull-security-profiles-operator-verify

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ccojocar]

@saschagrunert There was a version yesterday released. I updated in this pull request #1453

[ccojocar]

/retest

[saschagrunert]

@ccojocar /retest does not work for GitHub actions, we have to manually re-trigger them.

[ccojocar]

/retest does not work for GitHub actions, we have to manually re-trigger them.

@saschagrunert I think that I do not have permission to restart the Github action.

[ccojocar]

@saschagrunert Please could you lgtm this one again? Thanks

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ccojocar, saschagrunert

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [saschagrunert]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment