From a5c5adba68529d6722c79ae9849ad4295f58ef7c Mon Sep 17 00:00:00 2001
From: Wulf Thimm <wulf@gitpod.io>
Date: Mon, 14 Feb 2022 14:38:13 +0000
Subject: [PATCH] added allowedCapabilities to node-exporter psp

---
 jsonnet/kube-prometheus/addons/podsecuritypolicies.libsonnet | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/jsonnet/kube-prometheus/addons/podsecuritypolicies.libsonnet b/jsonnet/kube-prometheus/addons/podsecuritypolicies.libsonnet
index 23979380..24355746 100644
--- a/jsonnet/kube-prometheus/addons/podsecuritypolicies.libsonnet
+++ b/jsonnet/kube-prometheus/addons/podsecuritypolicies.libsonnet
@@ -200,6 +200,9 @@ local restrictedPodSecurityPolicy = {
         name: 'node-exporter-psp',
       },
       spec+: {
+        allowedCapabilities: [
+          'SYS_TIME',
+        ],
         allowedHostPaths+: [
           {
             pathPrefix: '/proc',
-- 
GitLab