Would violate PodSecurity "restricted:latest" when installing Helm chart

[joel-teratis]

Describe the bug Following this guide I am facing an error installing the vault helm chart.

vault-injector.yaml:

# vault-injector.yaml
global:
  enabled: true
  externalVaultAddr: {my_vault_addr}
server:
  enabled: false
injector:
  enabled: true
  authPath: auth/kubernetes-dc1

helm install vault-dc1 -f vault-injector.yaml hashicorp/vault --wait

This returns the following error:

would violate PodSecurity "restricted:latest": seccompProfile (pod or container "sidecar-injector" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")

Because of this the injector pod never starts.

Expected behavior The expected behavior is no error showing when installing the chart and the injector pod starting.

Environment

• Kubernetes version: 1.30.1
  • Distribution or cloud vendor (OpenShift, EKS, GKE, AKS, etc.): Talos Linux v1.7.4
  • Other configuration options or runtime services (istio, etc.): Cilium CNI
• vault-helm version: Chart v0.28.0

Chart values:

# vault-injector.yaml
global:
  enabled: true
  externalVaultAddr: {my_vault_addr}
server:
  enabled: false
injector:
  enabled: true
  authPath: auth/kubernetes-dc1