chore(cleanup): To cleanup PSP related files or changes

As PSP will be removed from k8s upstream
(kubernetes/kubernetes#90603), any psp related
changes in codebase can be cleaned up.

Closes #12468

Signed-off-by: Tam Mach <sayboras@yahoo.com>

install/kubernetes/cilium/values.yaml

@@ -461,10 +461,6 @@ global:
   # remoteNodeIdentity enables use of the remote node identity
   remoteNodeIdentity: true
 
-  # psp creates and binds PodSecurityPolicies for the components that require it
-  psp:
-    enabled: false
-
   # hubble configures Hubble.
   hubble:
     enabled: false

test/helpers/kubectl.go

@@ -101,7 +101,6 @@ var (
 		"global.etcd.leaseTTL":                "30s",
 		"global.ipv4.enabled":                 "true",
 		"global.ipv6.enabled":                 "true",
-		"global.psp.enabled":                  "true",
 		"global.ci.kubeCacheMutationDetector": "true",
 		"config.bpfMasquerade":                "true",
 		// Disable by default, so that 4.9 CI build does not panic due to

test/k8sT/Updates.go

@@ -153,11 +153,10 @@ func InstallAndValidateCiliumUpgrades(kubectl *helpers.Kubectl, oldHelmChartVers
 		_ = kubectl.ExecMiddle("helm delete cilium --namespace=" + helpers.CiliumNamespace)
 		_ = kubectl.ExecMiddle(fmt.Sprintf("kubectl delete configmap --namespace=%s cilium-config", helpers.CiliumNamespace))
 		_ = kubectl.ExecMiddle(fmt.Sprintf("kubectl delete serviceaccount --namespace=%s cilium cilium-operator", helpers.CiliumNamespace))
-		_ = kubectl.ExecMiddle("kubectl delete clusterrole cilium cilium-operator cilium-psp cilium-operator-psp")
-		_ = kubectl.ExecMiddle("kubectl delete clusterrolebinding cilium cilium-operator cilium-psp cilium-operator-psp")
+		_ = kubectl.ExecMiddle("kubectl delete clusterrole cilium cilium-operator")
+		_ = kubectl.ExecMiddle("kubectl delete clusterrolebinding cilium cilium-operator")
 		_ = kubectl.ExecMiddle(fmt.Sprintf("kubectl delete daemonset --namespace=%s cilium", helpers.CiliumNamespace))
 		_ = kubectl.ExecMiddle(fmt.Sprintf("kubectl delete deployment --namespace=%s cilium-operator", helpers.CiliumNamespace))
-		_ = kubectl.ExecMiddle("kubectl delete podsecuritypolicy cilium-psp cilium-operator-psp")
 		_ = kubectl.ExecMiddle(fmt.Sprintf("kubectl delete daemonset --namespace=%s cilium-node-init", helpers.CiliumNamespace))
 		ExpectAllPodsTerminated(kubectl)
 		opts := map[string]string{

test/k8sT/manifests/metallb.yaml

@@ -5,35 +5,6 @@ metadata:
     app: metallb
   name: metallb-system
 ---
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
-  labels:
-    app: metallb
-  name: speaker
-  namespace: metallb-system
-spec:
-  allowPrivilegeEscalation: false
-  allowedCapabilities:
-  - NET_ADMIN
-  - NET_RAW
-  - SYS_ADMIN
-  fsGroup:
-    rule: RunAsAny
-  hostNetwork: true
-  hostPorts:
-  - max: 7472
-    min: 7472
-  privileged: true
-  runAsUser:
-    rule: RunAsAny
-  seLinux:
-    rule: RunAsAny
-  supplementalGroups:
-    rule: RunAsAny
-  volumes:
-  - '*'
----
 apiVersion: v1
 kind: ServiceAccount
 metadata: