Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove deprecated Pod Security Policies #229

Closed
riccardodl opened this issue Sep 10, 2020 · 2 comments
Closed

Remove deprecated Pod Security Policies #229

riccardodl opened this issue Sep 10, 2020 · 2 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
Secret Store CSI Azure Provider Roadmap

Comments

@riccardodl
Copy link

Describe the solution you'd like

https://docs.microsoft.com/en-us/azure/aks/use-pod-security-policies
As you can see, pod security policy is getting deprecated on the 15th of October, superseded by Azure policies for AKS
https://docs.microsoft.com/en-us/azure/aks/use-pod-security-on-azure-policy
Since I use Azure policies for pods, I'd like if we update the PSP definitions with the newer definitions

Anything else you would like to add:

Environment:

  • Secrets Store CSI Driver version: (use the image tag): 0.0.13
  • Azure Key Vault provider version: (use the image tag): 0.0.8
  • Kubernetes version: (use kubectl version): 1.18.6
  • Cluster type: (e.g. AKS, aks-engine, etc): AKS
@riccardodl riccardodl added the enhancement New feature or request label Sep 10, 2020
@aramase aramase added this to the Stable milestone Nov 9, 2020
@aramase aramase added good first issue Good for newcomers help wanted Extra attention is needed labels Jan 5, 2021
@ekhaydarov
Copy link

ekhaydarov commented Jan 18, 2021
edited
Loading

How do you even enable pod security policies in deployment/pod-security-policy.yaml. setting rbac.enable: true still gives an error of Host network is not allowed to be used and Host port 9808 is not allowed to be used. There is nothing else in values.yaml that covers enabling pod security policies

Looking at this PR it seems there is not flag in helm charts to let you just enable pod security policy in a values yaml file. You still have to manually apply them yourself.

Would it not be easier for everyone if it was part of the helm chart and optionally enabled?

@aramase aramase removed this from the Stable milestone Aug 16, 2021
@aramase
Copy link
Member

aramase commented Feb 3, 2022

Closing in favor of #787

@aramase aramase closed this as completed Feb 3, 2022
Secret Store CSI Azure Provider Roadmap automation moved this from Backlog to Done Feb 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
Secret Store CSI Azure Provider Roadmap
  
Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@riccardodl @aramase @ekhaydarov