fix: removing PodSecurityPolicy files from manifests folders #1257
Conversation
💖 Thanks for opening your first pull request! 💖 We use semantic commit messages to streamline the release process. Before your pull request can be merged, you should make sure your first commit and PR title start with a semantic prefix. Examples of commit messages with semantic prefixes: - |
Codecov Report
@@ Coverage Diff @@
## master #1257 +/- ##
=========================================
+ Coverage 74.81% 75% +0.18%
=========================================
Files 128 129 +1
Lines 18318 18537 +219
=========================================
+ Hits 13705 13904 +199
- Misses 3829 3840 +11
- Partials 784 793 +9 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
Thanks for this @allantargino! |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: allantargino, jackfrancis The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Congrats on merging your first pull request! 🎉🎉🎉 |
Reason for Change:
Issue #633 describes a bug with kubelet trying to parse PodSecurityPolicy (PSP) file into a pod. The reason is because the PSP file were in a folder used by the kubelet to setup static pod definitions, causing the kubelet to try deploying it every 20s (default value for polling the definitions folder).
The current cloudinit placeholder used to inject the PSP file is
MASTER_MANIFESTS_CONFIG_PLACEHOLDER
. There are 2 other places in the current templates we can inject it:Since
addons
seems more generic thancontainer addons
placeholder, I opted to move it to this location.Issue Fixed:
fixes #633
Requirements:
Notes: