From c518c0a6127f0a3ce6d4621d48cd283c359400e5 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Wed, 19 Oct 2022 22:44:11 +0200
Subject: [PATCH] fix: Adjust Pod Security Standards version to be prefix with
v
---
apps/base/forecastle/namespace.yaml | 6 +++---
apps/base/gitlab-runner/namespace.yaml | 6 +++---
apps/base/goharbor/namespace.yaml | 6 +++---
apps/base/iot/namespace.yaml | 6 +++---
apps/base/keycloak/namespace.yaml | 6 +++---
apps/base/mail/namespace.yaml | 6 +++---
apps/base/matrix/namespace.yaml | 6 +++---
apps/base/nextcloud/namespace.yaml | 6 +++---
apps/base/renovate/namespace.yaml | 6 +++---
apps/k8s01/dns/namespace.yaml | 6 +++---
apps/k8s01/hcloud-dynfw/namespace.yaml | 6 +++---
apps/k8s01/nas/namespace.yaml | 6 +++---
bootstrap/calico/namespace.yaml | 6 +++---
clusters/k8s01/flux-system/gotk-components.yaml | 2 +-
infrastructure/cert-manager/namespace.yaml | 6 +++---
infrastructure/drivers/namespace.yaml | 6 +++---
infrastructure/k8up/namespace.yaml | 6 +++---
infrastructure/kubenav/namespace.yaml | 6 +++---
infrastructure/loki/namespace.yaml | 6 +++---
infrastructure/longhorn/namespace.yaml | 6 +++---
infrastructure/metallb/namespace.yaml | 6 +++---
infrastructure/monitoring/namespace.yaml | 6 +++---
infrastructure/nginx-system/namespace.yaml | 6 +++---
infrastructure/node-features/namespace.yaml | 6 +++---
infrastructure/postgres/namespace.yaml | 6 +++---
infrastructure/starboard/namespace.yaml | 6 +++---
26 files changed, 76 insertions(+), 76 deletions(-)
diff --git a/apps/base/forecastle/namespace.yaml b/apps/base/forecastle/namespace.yaml
index 9bc83d706..63c98dc72 100644
--- a/apps/base/forecastle/namespace.yaml
+++ b/apps/base/forecastle/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/gitlab-runner/namespace.yaml b/apps/base/gitlab-runner/namespace.yaml
index 839878693..bd3bc6e37 100644
--- a/apps/base/gitlab-runner/namespace.yaml
+++ b/apps/base/gitlab-runner/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/goharbor/namespace.yaml b/apps/base/goharbor/namespace.yaml
index 294a1d410..926731604 100644
--- a/apps/base/goharbor/namespace.yaml
+++ b/apps/base/goharbor/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/iot/namespace.yaml b/apps/base/iot/namespace.yaml
index 5ac0d3fb9..f0d7a626f 100644
--- a/apps/base/iot/namespace.yaml
+++ b/apps/base/iot/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/keycloak/namespace.yaml b/apps/base/keycloak/namespace.yaml
index 81987e97b..56ca77d0f 100644
--- a/apps/base/keycloak/namespace.yaml
+++ b/apps/base/keycloak/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/mail/namespace.yaml b/apps/base/mail/namespace.yaml
index 0f83674f6..8e53d0c5e 100644
--- a/apps/base/mail/namespace.yaml
+++ b/apps/base/mail/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/matrix/namespace.yaml b/apps/base/matrix/namespace.yaml
index 100984ff9..796bc47fe 100644
--- a/apps/base/matrix/namespace.yaml
+++ b/apps/base/matrix/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/nextcloud/namespace.yaml b/apps/base/nextcloud/namespace.yaml
index f996b257d..94b1c0065 100644
--- a/apps/base/nextcloud/namespace.yaml
+++ b/apps/base/nextcloud/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/base/renovate/namespace.yaml b/apps/base/renovate/namespace.yaml
index 2b029c278..a92d2dc3b 100644
--- a/apps/base/renovate/namespace.yaml
+++ b/apps/base/renovate/namespace.yaml
@@ -6,9 +6,9 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
---
apiVersion: v1
kind: ServiceAccount
diff --git a/apps/k8s01/dns/namespace.yaml b/apps/k8s01/dns/namespace.yaml
index f1c051be1..0514af478 100644
--- a/apps/k8s01/dns/namespace.yaml
+++ b/apps/k8s01/dns/namespace.yaml
@@ -6,6 +6,6 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/apps/k8s01/hcloud-dynfw/namespace.yaml b/apps/k8s01/hcloud-dynfw/namespace.yaml
index 473b68900..a3422254d 100644
--- a/apps/k8s01/hcloud-dynfw/namespace.yaml
+++ b/apps/k8s01/hcloud-dynfw/namespace.yaml
@@ -6,6 +6,6 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/apps/k8s01/nas/namespace.yaml b/apps/k8s01/nas/namespace.yaml
index 42c732ad1..6b4ae7650 100644
--- a/apps/k8s01/nas/namespace.yaml
+++ b/apps/k8s01/nas/namespace.yaml
@@ -6,6 +6,6 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/bootstrap/calico/namespace.yaml b/bootstrap/calico/namespace.yaml
index 63f92a7b7..0c174b9ed 100644
--- a/bootstrap/calico/namespace.yaml
+++ b/bootstrap/calico/namespace.yaml
@@ -7,6 +7,6 @@ metadata:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/clusters/k8s01/flux-system/gotk-components.yaml b/clusters/k8s01/flux-system/gotk-components.yaml
index 269475b70..68a34524c 100644
--- a/clusters/k8s01/flux-system/gotk-components.yaml
+++ b/clusters/k8s01/flux-system/gotk-components.yaml
@@ -10,7 +10,7 @@ metadata:
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v0.35.0
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/warn-version: v1.23
name: flux-system
---
apiVersion: apiextensions.k8s.io/v1
diff --git a/infrastructure/cert-manager/namespace.yaml b/infrastructure/cert-manager/namespace.yaml
index 410ae3359..ada53bc70 100644
--- a/infrastructure/cert-manager/namespace.yaml
+++ b/infrastructure/cert-manager/namespace.yaml
@@ -6,7 +6,7 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/drivers/namespace.yaml b/infrastructure/drivers/namespace.yaml
index 68fe0593c..cb31c94fe 100644
--- a/infrastructure/drivers/namespace.yaml
+++ b/infrastructure/drivers/namespace.yaml
@@ -6,7 +6,7 @@ metadata:
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/k8up/namespace.yaml b/infrastructure/k8up/namespace.yaml
index dd4a043d7..1be682621 100644
--- a/infrastructure/k8up/namespace.yaml
+++ b/infrastructure/k8up/namespace.yaml
@@ -6,7 +6,7 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/kubenav/namespace.yaml b/infrastructure/kubenav/namespace.yaml
index 53162f1cb..078a2f040 100644
--- a/infrastructure/kubenav/namespace.yaml
+++ b/infrastructure/kubenav/namespace.yaml
@@ -6,7 +6,7 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: restricted
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/loki/namespace.yaml b/infrastructure/loki/namespace.yaml
index bccd86da3..50dcee84a 100644
--- a/infrastructure/loki/namespace.yaml
+++ b/infrastructure/loki/namespace.yaml
@@ -7,6 +7,6 @@ metadata:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/infrastructure/longhorn/namespace.yaml b/infrastructure/longhorn/namespace.yaml
index 8a3d95c36..608df4c46 100644
--- a/infrastructure/longhorn/namespace.yaml
+++ b/infrastructure/longhorn/namespace.yaml
@@ -9,6 +9,6 @@ metadata:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/infrastructure/metallb/namespace.yaml b/infrastructure/metallb/namespace.yaml
index a1e350ddb..142008a08 100644
--- a/infrastructure/metallb/namespace.yaml
+++ b/infrastructure/metallb/namespace.yaml
@@ -8,6 +8,6 @@ metadata:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/infrastructure/monitoring/namespace.yaml b/infrastructure/monitoring/namespace.yaml
index fe3672421..f54e7ffae 100644
--- a/infrastructure/monitoring/namespace.yaml
+++ b/infrastructure/monitoring/namespace.yaml
@@ -9,6 +9,6 @@ metadata:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/infrastructure/nginx-system/namespace.yaml b/infrastructure/nginx-system/namespace.yaml
index c1db153e3..a8136ba4f 100644
--- a/infrastructure/nginx-system/namespace.yaml
+++ b/infrastructure/nginx-system/namespace.yaml
@@ -6,8 +6,8 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
kyverno.shivering-isles.com/class: "system"
ingress.shivering-isles.com/network-access-required: "true"
diff --git a/infrastructure/node-features/namespace.yaml b/infrastructure/node-features/namespace.yaml
index 01eb6f9ec..b63cc38e3 100644
--- a/infrastructure/node-features/namespace.yaml
+++ b/infrastructure/node-features/namespace.yaml
@@ -8,6 +8,6 @@ metadata:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
diff --git a/infrastructure/postgres/namespace.yaml b/infrastructure/postgres/namespace.yaml
index dd7fa650b..dcebd7d90 100644
--- a/infrastructure/postgres/namespace.yaml
+++ b/infrastructure/postgres/namespace.yaml
@@ -6,8 +6,8 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
kyverno.shivering-isles.com/class: "system"
database.shivering-isles.com/network-access-required: "true"
diff --git a/infrastructure/starboard/namespace.yaml b/infrastructure/starboard/namespace.yaml
index 4aec73b6d..3523645ab 100644
--- a/infrastructure/starboard/namespace.yaml
+++ b/infrastructure/starboard/namespace.yaml
@@ -6,7 +6,7 @@ metadata:
pod-security.kubernetes.io/audit: restricted
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/warn: restricted
- pod-security.kubernetes.io/audit-version: 1.23
- pod-security.kubernetes.io/enforce-version: 1.23
- pod-security.kubernetes.io/warn-version: 1.23
+ pod-security.kubernetes.io/audit-version: v1.23
+ pod-security.kubernetes.io/enforce-version: v1.23
+ pod-security.kubernetes.io/warn-version: v1.23
kyverno.shivering-isles.com/class: "system"
--
GitLab