From 307e3eab1ed8f54afe2cf62cef8a8609d2ddea4d Mon Sep 17 00:00:00 2001
From: Puru <5674762+tuladhar@users.noreply.github.com>
Date: Thu, 28 Sep 2023 17:13:27 +0545
Subject: [PATCH] PSP Toggle
---
 CHANGELOG.md | 4 ++++
 helm/dex-operator/templates/psp.yaml | 2 ++
 helm/dex-operator/values.schema.json | 13 +++++++++++++
 helm/dex-operator/values.yaml | 4 ++++
 4 files changed, 23 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0f09b48..1754e2c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+### Changed
+
+- Propagate `global.podSecurityStandards.enforced` value set to `false` for PSS migration
+
 ## [0.9.0] - 2023-09-14
 ### Changed
diff --git a/helm/dex-operator/templates/psp.yaml b/helm/dex-operator/templates/psp.yaml
index 6b887b2..aacee2b 100644
--- a/helm/dex-operator/templates/psp.yaml
+++ b/helm/dex-operator/templates/psp.yaml
@@ -1,3 +1,4 @@
+{{- if not .Values.global.podSecurityStandards.enforced }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
@@ -35,3 +36,4 @@ spec:
 hostNetwork: false
 hostIPC: false
 hostPID: false
+{{- end }}
diff --git a/helm/dex-operator/values.schema.json b/helm/dex-operator/values.schema.json
index 29cf39c..90bf11b 100644
--- a/helm/dex-operator/values.schema.json
+++ b/helm/dex-operator/values.schema.json
@@ -5,6 +5,19 @@
 "baseDomain": {
 "type": "string"
 },
+ "global": {
+ "type": "object",
+ "properties": {
+ "podSecurityStandards": {
+ "type": "object",
+ "properties": {
+ "enforced": {
+ "type": "boolean"
+ }
+ }
+ }
+ }
+ },
 "image": {
 "type": "object",
 "properties": {
diff --git a/helm/dex-operator/values.yaml b/helm/dex-operator/values.yaml
index c47d226..f3cc8ab 100644
--- a/helm/dex-operator/values.yaml
+++ b/helm/dex-operator/values.yaml
@@ -32,3 +32,7 @@ podSecurityContext:
 securityContext:
 seccompProfile:
 type: RuntimeDefault
+
+global:
+ podSecurityStandards:
+ enforced: false
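Review bot: In helm/dex-operator/templates/psp.yaml the new guard on the first line (closed by `{{- end }}` in the second hunk) checks only the chart value. With the default `enforced: false` from values.yaml, the `policy/v1beta1` PodSecurityPolicy is therefore still rendered on clusters where that API no longer exists (it was removed in Kubernetes 1.25), and the install fails there. I would also test for the API: `{{- if and (not .Values.global.podSecurityStandards.enforced) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}`. The policy body between the two hunks, and any ClusterRole or binding that grants `use` on this policy, are outside the diff. If such RBAC exists it presumably needs the same condition, so it is not left referring to a policy that is no longer created.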
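Review bot: The new `global.podSecurityStandards.enforced` key in helm/dex-operator/values.yaml has no comment, and the matching property in values.schema.json has no `description`, although setting it to `true` removes the PodSecurityPolicy that pins `hostNetwork`, `hostIPC` and `hostPID` to `false`. The name reads as if `true` adds enforcement in this chart, while the template does the opposite and appears to rely on the cluster enforcing Pod Security Standards by other means. A comment above the key would make that explicit: `# true = PSP in templates/psp.yaml is not rendered; set only where Pod Security Standards are enforced by the cluster`. The same sentence fits as the `description` of `enforced` in the schema.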