From b7f0bfc3696bf5e09b1f1434b430a175484e7e70 Mon Sep 17 00:00:00 2001
From: Medya Gh <medya@google.com>
Date: Mon, 13 Apr 2020 16:44:17 -0700
Subject: [PATCH] unconfine apparmor for kic

---
 pkg/drivers/kic/oci/oci.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/pkg/drivers/kic/oci/oci.go b/pkg/drivers/kic/oci/oci.go
index f1e53843e..94951fa4c 100644
--- a/pkg/drivers/kic/oci/oci.go
+++ b/pkg/drivers/kic/oci/oci.go
@@ -108,7 +108,9 @@ func CreateContainerNode(p CreateParams) error {
 		// including some ones docker would otherwise do by default.
 		// for now this is what we want. in the future we may revisit this.
 		"--privileged",
-		"--security-opt", "seccomp=unconfined", // also ignore seccomp
+		"--security-opt", "seccomp=unconfined", //  ignore seccomp
+		// ignore apparmore github actions docker: https://github.com/kubernetes/minikube/issues/7624
+		"--security-opt", "apparmor=unconfined",
 		"--tmpfs", "/tmp", // various things depend on working /tmp
 		"--tmpfs", "/run", // systemd wants a writable /run
 		// logs,pods be stroed on  filesystem vs inside container,
-- 
GitLab