Skip to content

Commit

Permalink
Fix the PR according to code review comments
Browse files Browse the repository at this point in the history
  • Loading branch information
@Foxlik
Foxlik committed Jul 21, 2022
1 parent 432df40 commit d93d26f
Show file tree
Hide file tree
Showing 3 changed files with 1 addition and 4 deletions.
1 change: 0 additions & 1 deletion roles/kubernetes/control-plane/defaults/main/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,6 @@ kube_pod_security_exemptions_runtime_class_names: []
kube_pod_security_exemptions_namespaces:
- kube-system


# 1.10+ list of disabled admission plugins
kube_apiserver_disable_admission_plugins: []

Expand Down
2 changes: 0 additions & 2 deletions roles/kubernetes/control-plane/templates/podsecurity.v1beta2.yaml.j2
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
{% if kube_pod_security_use_default %}
apiVersion: pod-security.admission.config.k8s.io/v1beta1
kind: PodSecurityConfiguration
defaults:
Expand All @@ -12,4 +11,3 @@ exemptions:
usernames: {{ kube_pod_security_exemptions_usernames|to_json }}
runtimeClasses: {{ kube_pod_security_exemptions_runtime_class_names|to_json }}
namespaces: {{ kube_pod_security_exemptions_namespaces|to_json }}
{% endif %}
2 changes: 1 addition & 1 deletion roles/kubernetes/control-plane/vars/main.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
---
# list of admission plugins that needs to be configured
kube_apiserver_admission_plugins_needs_configuration: [EventRateLimit, PodSecurity]
kube_apiserver_admission_plugins_needs_configuration: "{{ ['EventRateLimit', kube_pod_security_use_default|ternary('PodSecurity', None)]|select('string') }}"

0 comments on commit d93d26f

Please sign in to comment.