Skip to content

Commit 7fed17f

Browse files
ritazhleewoobin789
ritazh
authored and
leewoobin789
committed
fix: disable psp as default (open-policy-agent#3179)
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
1 parent bd75c0c commit 7fed17f

File tree

4 files changed

+4
-4
lines changed

4 files changed

+4
-4
lines changed

cmd/build/helmify/static/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -120,7 +120,7 @@ information._
120120
| preUninstall.nodeSelector | The node selector to use for pod scheduling in preUninstall hook jobs | `kubernetes.io/os: linux` |
121121
| preUninstall.resources | The resource request/limits for the container image in preUninstall hook jobs | `{}` |
122122
| preUninstall.securityContext | Security context applied on the container | `{ "allowPrivilegeEscalation": false, "capabilities": "drop": [all], "readOnlyRootFilesystem": true, "runAsGroup": 999, "runAsNonRoot": true, "runAsUser": 1000 }` |
123-
| psp.enabled | Enabled PodSecurityPolicy | `true` |
123+
| psp.enabled | Enabled PodSecurityPolicy | `false` |
124124
| upgradeCRDs.enabled | Upgrade CRDs using pre-install/pre-upgrade hooks | `true` |
125125
| upgradeCRDs.extraRules | Extra rules for the gatekeeper-admin-upgrade-crds ClusterRole | `[]` |
126126
| upgradeCRDs.priorityClassName | Priority class name for gatekeeper-update-crds-hook Job | `` |

cmd/build/helmify/static/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -266,7 +266,7 @@ pdb:
266266
service: {}
267267
disabledBuiltins: ["{http.send}"]
268268
psp:
269-
enabled: true
269+
enabled: false
270270
upgradeCRDs:
271271
enabled: true
272272
extraRules: []

manifest_staging/charts/gatekeeper/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -120,7 +120,7 @@ information._
120120
| preUninstall.nodeSelector | The node selector to use for pod scheduling in preUninstall hook jobs | `kubernetes.io/os: linux` |
121121
| preUninstall.resources | The resource request/limits for the container image in preUninstall hook jobs | `{}` |
122122
| preUninstall.securityContext | Security context applied on the container | `{ "allowPrivilegeEscalation": false, "capabilities": "drop": [all], "readOnlyRootFilesystem": true, "runAsGroup": 999, "runAsNonRoot": true, "runAsUser": 1000 }` |
123-
| psp.enabled | Enabled PodSecurityPolicy | `true` |
123+
| psp.enabled | Enabled PodSecurityPolicy | `false` |
124124
| upgradeCRDs.enabled | Upgrade CRDs using pre-install/pre-upgrade hooks | `true` |
125125
| upgradeCRDs.extraRules | Extra rules for the gatekeeper-admin-upgrade-crds ClusterRole | `[]` |
126126
| upgradeCRDs.priorityClassName | Priority class name for gatekeeper-update-crds-hook Job | `` |

manifest_staging/charts/gatekeeper/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -266,7 +266,7 @@ pdb:
266266
service: {}
267267
disabledBuiltins: ["{http.send}"]
268268
psp:
269-
enabled: true
269+
enabled: false
270270
upgradeCRDs:
271271
enabled: true
272272
extraRules: []

0 commit comments

Comments
 (0)