Closed majst01 closed 1 year ago
We should not only check, if the version is >=1.25, but also if PSP is disabled. https://github.com/gardener/gardener/blob/v1.56.2/pkg/apis/core/v1beta1/helper/helper.go#L1351C6-L1351C19
Before upgrading from 1.24 to 1.25 PSP must be disabled: https://github.com/gardener/gardener/blob/master/docs/usage/pod-security.md?plain=1#L13
See for example: https://github.com/gardener/gardener-extension-provider-aws/blob/b4d0efb80c73561b6c843462e133673f063962d6/charts/internal/shoot-system-components/charts/csi-driver-node/templates/podsecuritypolicy.yaml#L1
https://github.com/gardener/gardener-extension-provider-aws/blob/b4d0efb80c73561b6c843462e133673f063962d6/pkg/controller/controlplane/valuesprovider.go#L750
We should not only check, if the version is >=1.25, but also if PSP is disabled. https://github.com/gardener/gardener/blob/v1.56.2/pkg/apis/core/v1beta1/helper/helper.go#L1351C6-L1351C19
Before upgrading from 1.24 to 1.25 PSP must be disabled: https://github.com/gardener/gardener/blob/master/docs/usage/pod-security.md?plain=1#L13
See for example: https://github.com/gardener/gardener-extension-provider-aws/blob/b4d0efb80c73561b6c843462e133673f063962d6/charts/internal/shoot-system-components/charts/csi-driver-node/templates/podsecuritypolicy.yaml#L1
https://github.com/gardener/gardener-extension-provider-aws/blob/b4d0efb80c73561b6c843462e133673f063962d6/pkg/controller/controlplane/valuesprovider.go#L750