K8S PSP getting created after setting excludePodSecurityPolicy to true

KuldeepSharmaTR commented 1 year ago

Describe the bug A clear and concise description of what the bug is.

Environment Provide accurate information about the environment to help us reproduce the issue.

Trident version: 23.01.1
Trident installation flags used: Using Helm
Container runtime: containerd
Kubernetes version: 1.23
Kubernetes orchestrator: EKS 1.23
Kubernetes enabled feature gates: [e.g. CSINodeInfo]
OS: Amazon Linux
NetApp backend types: [e.g. CVS for AWS, ONTAP AFF 9.5, HCI 1.7]
Other:

To Reproduce Steps to reproduce the behavior: Deploy trident-operator helm chart with excludePodSecurityPolicy: true

Expected behavior No PodSecurityPolicy should be created for trident.

Additional context trident-controller and trident-node-linux PSPs are getting created even after setting excludePodSecurityPolicy to true.

Xavier-0965 commented 1 year ago

The same problem occures with Trident version 23.04 on openshift 4.11.33 (with kubernetes 1.24)

$ oc get psp
Warning: policy/v1beta1 PodSecurityPolicy is deprecated in v1.21+, unavailable in v1.25+
NAME                 PRIV    CAPS   SELINUX    RUNASUSER   FSGROUP    SUPGROUP   READONLYROOTFS   VOLUMES
trident-controller   false          RunAsAny   RunAsAny    RunAsAny   RunAsAny   false            hostPath,projected,emptyDir
trident-node-linux   true           RunAsAny   RunAsAny    RunAsAny   RunAsAny   false            hostPath,projected,emptyDir

sjpeeris commented 3 weeks ago

Hi @KuldeepSharmaTR Please let us know if this issue still exists with the newer versions of Trident. If not, please close the issue.

sjpeeris commented 2 weeks ago

Closing. Please re-open if you notice this issue with newer versions of Trident.

NetApp / trident

K8S PSP getting created after setting excludePodSecurityPolicy to true #819