From f7853c4ddffa58cf05dbac4d6611a8a3955f8323 Mon Sep 17 00:00:00 2001
From: Paulo Gomes <paulo.gomes@weave.works>
Date: Thu, 20 Jan 2022 13:30:33 +0000
Subject: [PATCH] Enable pod security warnings for flux-system

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
---
 manifests/install/namespace.yaml     | 3 +++
 pkg/manifestgen/install/templates.go | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/manifests/install/namespace.yaml b/manifests/install/namespace.yaml
index c00a4321..c2b5961d 100644
--- a/manifests/install/namespace.yaml
+++ b/manifests/install/namespace.yaml
@@ -2,3 +2,6 @@ apiVersion: v1
 kind: Namespace
 metadata:
   name: flux-system
+  labels:
+    pod-security.kubernetes.io/warn: restricted
+    pod-security.kubernetes.io/warn-version: latest
diff --git a/pkg/manifestgen/install/templates.go b/pkg/manifestgen/install/templates.go
index 8cdce319..ac47cf27 100644
--- a/pkg/manifestgen/install/templates.go
+++ b/pkg/manifestgen/install/templates.go
@@ -165,6 +165,9 @@ apiVersion: v1
 kind: Namespace
 metadata:
   name: {{.Namespace}}
+  labels:
+    pod-security.kubernetes.io/warn: restricted
+    pod-security.kubernetes.io/warn-version: latest
 `
 
 func execTemplate(obj interface{}, tmpl, filename string) error {
-- 
GitLab