From e103ba667bdbd51010f664672ef3311d691d4823 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Wed, 19 Oct 2022 22:47:59 +0200
Subject: [PATCH] fix(infrastructure): Disable Pod Security Policies in helm
 releases

Pod Security Policies have been deprecated in favour of Pod Security
Standards, which are a bit less flexible, but way easier to configure
and handle.
---
 infrastructure/kube-system/metrics-server.yaml | 2 +-
 infrastructure/monitoring/release.yaml         | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/infrastructure/kube-system/metrics-server.yaml b/infrastructure/kube-system/metrics-server.yaml
index ce060f4fc..3abdb9792 100644
--- a/infrastructure/kube-system/metrics-server.yaml
+++ b/infrastructure/kube-system/metrics-server.yaml
@@ -32,7 +32,7 @@ spec:
       - --metric-resolution=15s
       - --kubelet-insecure-tls
     rbac:
-      pspEnabled: true
+      pspEnabled: false
     podDisruptionBudget:
       enabled: true
       minAvailable: 1
diff --git a/infrastructure/monitoring/release.yaml b/infrastructure/monitoring/release.yaml
index 56e5392d9..d553cfb16 100644
--- a/infrastructure/monitoring/release.yaml
+++ b/infrastructure/monitoring/release.yaml
@@ -37,7 +37,7 @@ data:
     global:
       rbac:
         create: true
-        pspEnabled: true
+        pspEnabled: false
         createAggregateClusterRoles: true
     alertmanager:
       enabled: true
@@ -131,7 +131,7 @@ data:
       rbac:
         create: true
       podSecurityPolicy:
-        enabled: true
+        enabled: false
     nodeExporter:
       enabled: true
     prometheusOperator:
-- 
GitLab