marco/veda
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Add pod security labels to managed namespace for Rook-Ceph

Browse Source
This commit is contained in:
Marco van Zijl 2025-11-08 20:13:13 +01:00
parent a851391af3
commit 6094ec5247
2 changed files with 5 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/ceph/operator/application.yaml
View File

@ -27,3 +27,8 @@ spec:
syncOptions: syncOptions:
- CreateNamespace=true - CreateNamespace=true
- ServerSideApply=true - ServerSideApply=true
managedNamespaceMetadata:
labels:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged

11
apps/ceph/operator/values.yaml
View File

@ -22,14 +22,3 @@ rook-ceph:
limits: limits:
cpu: 500m cpu: 500m
memory: 512Mi memory: 512Mi
# Ensure namespace has proper labels for Talos
extraObjects:
- apiVersion: v1
kind: Namespace
metadata:
name: rook-ceph
labels:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged