pss patch fix

giantswarm · Jan 24, 2025 · cb300e0 · cb300e0
1 parent d0cdafa
commit cb300e0
Showing 1 changed file with 36 additions and 36 deletions.
diff --git a/sync/patches/pss/000-pss.patch b/sync/patches/pss/000-pss.patch
@@ -1,123 +1,123 @@
-diff --git a/vendor/cert-manager/./templates/cainjector-psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/./templates/cainjector-psp-clusterrole.yaml
+diff --git a/vendor/cert-manager/templates/cainjector-psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/templates/cainjector-psp-clusterrole.yaml
 index b75b9eb..da0a1fa 100644
---- a/vendor/cert-manager/./templates/cainjector-psp-clusterrole.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/cainjector-psp-clusterrole.yaml
+--- a/vendor/cert-manager/templates/cainjector-psp-clusterrole.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/cainjector-psp-clusterrole.yaml
 @@ -1,5 +1,5 @@
  {{- if .Values.cainjector.enabled }}
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  kind: ClusterRole
  apiVersion: rbac.authorization.k8s.io/v1
  metadata:
-diff --git a/vendor/cert-manager/./templates/cainjector-psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/./templates/cainjector-psp-clusterrolebinding.yaml
+diff --git a/vendor/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml
 index e2bfa26..1fe7b33 100644
---- a/vendor/cert-manager/./templates/cainjector-psp-clusterrolebinding.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/cainjector-psp-clusterrolebinding.yaml
+--- a/vendor/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml
 @@ -1,5 +1,5 @@
  {{- if .Values.cainjector.enabled }}
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
-diff --git a/vendor/cert-manager/./templates/cainjector-psp.yaml b/helm/cert-manager/charts/cert-manager/./templates/cainjector-psp.yaml
+diff --git a/vendor/cert-manager/templates/cainjector-psp.yaml b/helm/cert-manager/charts/cert-manager/templates/cainjector-psp.yaml
 index 24f01da..3a7b643 100644
---- a/vendor/cert-manager/./templates/cainjector-psp.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/cainjector-psp.yaml
+--- a/vendor/cert-manager/templates/cainjector-psp.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/cainjector-psp.yaml
 @@ -1,5 +1,5 @@
  {{- if .Values.cainjector.enabled }}
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  apiVersion: policy/v1beta1
  kind: PodSecurityPolicy
  metadata:
-diff --git a/vendor/cert-manager/./templates/psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/./templates/psp-clusterrole.yaml
+diff --git a/vendor/cert-manager/templates/psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/templates/psp-clusterrole.yaml
 index 1d40a02..49bdd1f 100644
---- a/vendor/cert-manager/./templates/psp-clusterrole.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/psp-clusterrole.yaml
+--- a/vendor/cert-manager/templates/psp-clusterrole.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/psp-clusterrole.yaml
 @@ -1,4 +1,4 @@
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  kind: ClusterRole
  apiVersion: rbac.authorization.k8s.io/v1
  metadata:
-diff --git a/vendor/cert-manager/./templates/psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/./templates/psp-clusterrolebinding.yaml
+diff --git a/vendor/cert-manager/templates/psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/templates/psp-clusterrolebinding.yaml
 index 4f09b6b..763c497 100644
---- a/vendor/cert-manager/./templates/psp-clusterrolebinding.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/psp-clusterrolebinding.yaml
+--- a/vendor/cert-manager/templates/psp-clusterrolebinding.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/psp-clusterrolebinding.yaml
 @@ -1,4 +1,4 @@
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
-diff --git a/vendor/cert-manager/./templates/psp.yaml b/helm/cert-manager/charts/cert-manager/./templates/psp.yaml
+diff --git a/vendor/cert-manager/templates/psp.yaml b/helm/cert-manager/charts/cert-manager/templates/psp.yaml
 index 9e99f5c..c82426f 100644
---- a/vendor/cert-manager/./templates/psp.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/psp.yaml
+--- a/vendor/cert-manager/templates/psp.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/psp.yaml
 @@ -1,4 +1,4 @@
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  apiVersion: policy/v1beta1
  kind: PodSecurityPolicy
  metadata:
-diff --git a/vendor/cert-manager/./templates/startupapicheck-psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/./templates/startupapicheck-psp-clusterrole.yaml
+diff --git a/vendor/cert-manager/templates/startupapicheck-psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/templates/startupapicheck-psp-clusterrole.yaml
 index dacd4be..4c634a2 100644
---- a/vendor/cert-manager/./templates/startupapicheck-psp-clusterrole.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/startupapicheck-psp-clusterrole.yaml
+--- a/vendor/cert-manager/templates/startupapicheck-psp-clusterrole.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/startupapicheck-psp-clusterrole.yaml
 @@ -1,5 +1,5 @@
  {{- if .Values.startupapicheck.enabled }}
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  kind: ClusterRole
  apiVersion: rbac.authorization.k8s.io/v1
  metadata:
-diff --git a/vendor/cert-manager/./templates/startupapicheck-psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/./templates/startupapicheck-psp-clusterrolebinding.yaml
+diff --git a/vendor/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml
 index 54d5a42..21eef36 100644
---- a/vendor/cert-manager/./templates/startupapicheck-psp-clusterrolebinding.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/startupapicheck-psp-clusterrolebinding.yaml
+--- a/vendor/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml
 @@ -1,5 +1,5 @@
  {{- if .Values.startupapicheck.enabled }}
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
-diff --git a/vendor/cert-manager/./templates/startupapicheck-psp.yaml b/helm/cert-manager/charts/cert-manager/./templates/startupapicheck-psp.yaml
+diff --git a/vendor/cert-manager/templates/startupapicheck-psp.yaml b/helm/cert-manager/charts/cert-manager/templates/startupapicheck-psp.yaml
 index f09d60d..5b3ef3c 100644
---- a/vendor/cert-manager/./templates/startupapicheck-psp.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/startupapicheck-psp.yaml
+--- a/vendor/cert-manager/templates/startupapicheck-psp.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/startupapicheck-psp.yaml
 @@ -1,5 +1,5 @@
  {{- if .Values.startupapicheck.enabled }}
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  apiVersion: policy/v1beta1
  kind: PodSecurityPolicy
  metadata:
-diff --git a/vendor/cert-manager/./templates/webhook-psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/./templates/webhook-psp-clusterrole.yaml
+diff --git a/vendor/cert-manager/templates/webhook-psp-clusterrole.yaml b/helm/cert-manager/charts/cert-manager/templates/webhook-psp-clusterrole.yaml
 index f6fa4c5..fdfeb54 100644
---- a/vendor/cert-manager/./templates/webhook-psp-clusterrole.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/webhook-psp-clusterrole.yaml
+--- a/vendor/cert-manager/templates/webhook-psp-clusterrole.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/webhook-psp-clusterrole.yaml
 @@ -1,4 +1,4 @@
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  kind: ClusterRole
  apiVersion: rbac.authorization.k8s.io/v1
  metadata:
-diff --git a/vendor/cert-manager/./templates/webhook-psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/./templates/webhook-psp-clusterrolebinding.yaml
+diff --git a/vendor/cert-manager/templates/webhook-psp-clusterrolebinding.yaml b/helm/cert-manager/charts/cert-manager/templates/webhook-psp-clusterrolebinding.yaml
 index 858df8f..229e914 100644
---- a/vendor/cert-manager/./templates/webhook-psp-clusterrolebinding.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/webhook-psp-clusterrolebinding.yaml
+--- a/vendor/cert-manager/templates/webhook-psp-clusterrolebinding.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/webhook-psp-clusterrolebinding.yaml
 @@ -1,4 +1,4 @@
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
-diff --git a/vendor/cert-manager/./templates/webhook-psp.yaml b/helm/cert-manager/charts/cert-manager/./templates/webhook-psp.yaml
+diff --git a/vendor/cert-manager/templates/webhook-psp.yaml b/helm/cert-manager/charts/cert-manager/templates/webhook-psp.yaml
 index 4d5d959..3eb6994 100644
---- a/vendor/cert-manager/./templates/webhook-psp.yaml
-+++ b/helm/cert-manager/charts/cert-manager/./templates/webhook-psp.yaml
+--- a/vendor/cert-manager/templates/webhook-psp.yaml
++++ b/helm/cert-manager/charts/cert-manager/templates/webhook-psp.yaml
 @@ -1,4 +1,4 @@
 -{{- if .Values.global.podSecurityPolicy.enabled }}
 +{{- if and (not .Values.global.podSecurityStandards.enforced) (.Values.global.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1") }}