K8S PSP getting created after setting excludePodSecurityPolicy to true

Open KuldeepSharmaTR opened this issue 2 years ago • 1 comments

Describe the bug A clear and concise description of what the bug is.

Environment Provide accurate information about the environment to help us reproduce the issue.

Trident version: 23.01.1
Trident installation flags used: Using Helm
Container runtime: containerd
Kubernetes version: 1.23
Kubernetes orchestrator: EKS 1.23
Kubernetes enabled feature gates: [e.g. CSINodeInfo]
OS: Amazon Linux
NetApp backend types: [e.g. CVS for AWS, ONTAP AFF 9.5, HCI 1.7]
Other:

To Reproduce Steps to reproduce the behavior: Deploy trident-operator helm chart with excludePodSecurityPolicy: true

Expected behavior No PodSecurityPolicy should be created for trident.

Additional context trident-controller and trident-node-linux PSPs are getting created even after setting excludePodSecurityPolicy to true.

Apr 12 '23 21:04 KuldeepSharmaTR

The same problem occures with Trident version 23.04 on openshift 4.11.33 (with kubernetes 1.24)

$ oc get psp
Warning: policy/v1beta1 PodSecurityPolicy is deprecated in v1.21+, unavailable in v1.25+
NAME                 PRIV    CAPS   SELINUX    RUNASUSER   FSGROUP    SUPGROUP   READONLYROOTFS   VOLUMES
trident-controller   false          RunAsAny   RunAsAny    RunAsAny   RunAsAny   false            hostPath,projected,emptyDir
trident-node-linux   true           RunAsAny   RunAsAny    RunAsAny   RunAsAny   false            hostPath,projected,emptyDir

May 09 '23 13:05 Xavier-0965