Skip to content

Commit

Permalink
Disable psp by default (#817)
Browse files Browse the repository at this point in the history 
Signed-off-by: Tamal Saha <[email protected]>
  • Loading branch information
@tamalsaha
tamalsaha authored Jan 20, 2024
1 parent d766395 commit 841f107
Show file tree
Hide file tree
Showing 7 changed files with 7 additions and 7 deletions.
2 changes: 1 addition & 1 deletion catalog/kubedb/fmt/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -694,7 +694,7 @@ func main() {
sh.SetDir(dir)
sh.ShowCMD = true

out, err := sh.Command("helm", "template", "charts/kubedb-catalog", "--api-versions", "policy/v1beta1/PodSecurityPolicy", "--set", "skipDeprecated=false").Output()
out, err := sh.Command("helm", "template", "charts/kubedb-catalog", "--api-versions", "policy/v1beta1/PodSecurityPolicy", "--set", "skipDeprecated=false", "--set", "psp.enabled=true").Output()
if err != nil {
panic(err)
}
Expand Down
2 changes: 1 addition & 1 deletion charts/kubedb-catalog/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ The following table lists the configurable parameters of the `kubedb-catalog` ch
| featureGates.Singlestore | | <code>true</code> |
| featureGates.Solr | | <code>true</code> |
| featureGates.ZooKeeper | | <code>true</code> |
| psp.enabled | | <code>true</code> |
| psp.enabled | | <code>false</code> |
| psp.elasticsearch.allowPrivilegeEscalation | | <code>true</code> |
| psp.elasticsearch.privileged | | <code>true</code> |
| psp.mariadb.allowPrivilegeEscalation | | <code>false</code> |
Expand Down
2 changes: 1 addition & 1 deletion charts/kubedb-catalog/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ featureGates:
ZooKeeper: true

psp:
enabled: true
enabled: false
elasticsearch:
allowPrivilegeEscalation: true
privileged: true
Expand Down
2 changes: 1 addition & 1 deletion charts/kubedb-ops-manager/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ The following table lists the configurable parameters of the `kubedb-ops-manager
| recommendationEngine.genRotateTLSRecommendationBeforeExpiryYear | Rotate TLS recommendation will be generated before given year of expiration. It also depends on gen-rotate-tls-recommendation-before-expiry-month and gen-rotate-tls-recommendation-before-expiry-year. Default values are 0(zero) for gen-rotate-tls-recommendation-before-expiry-year, 1(one) for gen-rotate-tls-recommendation-before-expiry-month, 0(zero) for gen-rotate-tls-recommendation-before-expiry-day flags. | <code>0</code> |
| recommendationEngine.genRotateTLSRecommendationBeforeExpiryMonth | Rotate TLS recommendation will be generated before given month of expiration. It also depends on gen-rotate-tls-recommendation-before-expiry-year and gen-rotate-tls-recommendation-before-expiry-day flag. By default it is set as 1(one). | <code>1</code> |
| recommendationEngine.genRotateTLSRecommendationBeforeExpiryDay | Rotate TLS recommendation will be generated before given day of expiration. It also depends on gen-rotate-tls-recommendation-before-expiry-year and gen-rotate-tls-recommendation-before-expiry-month flag. By default it is set as 0(zero). | <code>0</code> |
| psp.enabled | | <code>true</code> |
| psp.enabled | | <code>false</code> |


Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example:
Expand Down
2 changes: 1 addition & 1 deletion charts/kubedb-ops-manager/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,4 +127,4 @@ recommendationEngine:
# By default it is set as 0(zero).
genRotateTLSRecommendationBeforeExpiryDay: 0
psp:
enabled: true
enabled: false
2 changes: 1 addition & 1 deletion charts/kubedb-provisioner/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ The following table lists the configurable parameters of the `kubedb-provisioner
| monitoring.agent | Name of monitoring agent (one of "prometheus.io", "prometheus.io/operator", "prometheus.io/builtin") | <code>""</code> |
| monitoring.serviceMonitor.labels | Specify the labels for ServiceMonitor. Prometheus crd will select ServiceMonitor using these labels. Only usable when monitoring agent is `prometheus.io/operator`. | <code>{"monitoring.appscode.com/prometheus":"auto"}</code> |
| additionalPodSecurityPolicies | Additional psp names passed to operator <br> Example: <br> `helm template ./chart/kubedb \` <br> `--set additionalPodSecurityPolicies[0]=abc \` <br> `--set additionalPodSecurityPolicies[1]=xyz` | <code>[]</code> |
| psp.enabled | | <code>true</code> |
| psp.enabled | | <code>false</code> |


Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example:
Expand Down
2 changes: 1 addition & 1 deletion charts/kubedb-provisioner/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,4 +117,4 @@ monitoring:
# --set additionalPodSecurityPolicies[1]=xyz
additionalPodSecurityPolicies: []
psp:
enabled: true
enabled: false

0 comments on commit 841f107

Please sign in to comment.