From 4a638bd760efec4d771f0b3cf8a5b1cafc0f7d28 Mon Sep 17 00:00:00 2001 From: Lumpiasty Date: Sun, 16 Feb 2025 18:18:02 +0100 Subject: [PATCH] add exception for pod security for openbao --- Makefile | 2 +- talos/patches/openbao.patch | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 talos/patches/openbao.patch diff --git a/Makefile b/Makefile index d7e63fd..35d218a 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ install-router: gen-talos-config: mkdir -p talos/generated - talosctl gen config --with-secrets secrets.yaml --config-patch @talos/patches/controlplane.patch --config-patch @talos/patches/openebs.patch --config-patch @talos/patches/zoma-dibaiyin.patch --output-types controlplane -o talos/generated/zoma-dibaiyin.yaml homelab https://kube-api.homelab.lumpiasty.xyz:6443 + talosctl gen config --with-secrets secrets.yaml --config-patch @talos/patches/controlplane.patch --config-patch @talos/patches/openebs.patch --config-patch @talos/patches/openbao.patch --config-patch @talos/patches/zoma-dibaiyin.patch --output-types controlplane -o talos/generated/zoma-dibaiyin.yaml homelab https://kube-api.homelab.lumpiasty.xyz:6443 talosctl gen config --with-secrets secrets.yaml --config-patch @talos/patches/controlplane.patch --output-types worker -o talos/generated/worker.yaml homelab https://kube-api.homelab.lumpiasty.xyz:6443 talosctl gen config --with-secrets secrets.yaml --output-types talosconfig -o talos/generated/talosconfig homelab https://kube-api.homelab.lumpiasty.xyz:6443 talosctl config endpoint kube-api.homelab.lumpiasty.xyz diff --git a/talos/patches/openbao.patch b/talos/patches/openbao.patch new file mode 100644 index 0000000..1c731aa --- /dev/null +++ b/talos/patches/openbao.patch @@ -0,0 +1,11 @@ +# CSI driver requirement +cluster: + apiServer: + admissionControl: + - name: PodSecurity + configuration: + apiVersion: pod-security.admission.config.k8s.io/v1beta1 + kind: PodSecurityConfiguration + exemptions: + namespaces: + - openbao \ No newline at end of file