diff --git a/hack/custom-patches.sh b/hack/custom-patches.sh index 22c8a22..14c9a78 100755 --- a/hack/custom-patches.sh +++ b/hack/custom-patches.sh @@ -18,3 +18,9 @@ ${YQ} e '.spec.template.spec.securityContext.remove-this-key="'" "'"' ${f} > ${f}.tmp cat ${f}.tmp | grep -v 'remove-this-key' > ${f} rm -rf ${f}.tmp + +# Replace the upstream psp condition with our own. + +cpi_psp_file="helm/cloud-provider-vsphere/charts/cloud-provider-for-vsphere/templates/podsecuritypolicy.yaml" + +sed -i 's/{{- if \.Values\.podSecurityPolicy\.enabled }}/{{- if not .Values.global.podSecurityStandards.enforced }}/g' "$cpi_psp_file" diff --git a/helm/cloud-provider-vsphere/charts/cloud-provider-for-vsphere/templates/podsecuritypolicy.yaml b/helm/cloud-provider-vsphere/charts/cloud-provider-for-vsphere/templates/podsecuritypolicy.yaml index a0cfbea..908c321 100644 --- a/helm/cloud-provider-vsphere/charts/cloud-provider-for-vsphere/templates/podsecuritypolicy.yaml +++ b/helm/cloud-provider-vsphere/charts/cloud-provider-for-vsphere/templates/podsecuritypolicy.yaml @@ -1,4 +1,4 @@ -{{- if .Values.podSecurityPolicy.enabled }} +{{- if not .Values.global.podSecurityStandards.enforced }} apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: