Skip to content

Commit a427abf

Browse files
camilamacedo86camilamacedo86
committed
fix: update PSA versions to match Kubernetes API version
In this commit, a new Makefile target `update-k8s-values` was created to automatically update the `pod-security.kubernetes.io/*-version` values (`enforceVersion`, `auditVersion`, `warnVersion`) in the Helm chart's `values.yaml` file. These values now align with the Kubernetes API version defined in `go.mod`, instead of using `latest`. This ensures better compatibility and avoids issues with unsupported versions in Kubernetes PSA.
1 parent 59bfe7f commit a427abf

File tree

2 files changed

+17
-6
lines changed

2 files changed

+17
-6
lines changed

Makefile

+13-2
Original file line numberDiff line numberDiff line change
@@ -276,7 +276,14 @@ e2e-local: e2e-build kind-create deploy e2e
276276
#SECTION Code Generation
277277

278278
.PHONY: gen-all #HELP Update OLM API, generate code and mocks
279-
gen-all: manifests codegen mockgen
279+
gen-all: manifests codegen update-k8s-values mockgen
280+
281+
.PHONY: update-k8s-values #HELP Update Helm Chart values with Kubernetes version
282+
update-k8s-values:
283+
sed -i.bak -E 's/^( *enforceVersion:).*/\1 "$(KUBE_MINOR)"/' deploy/chart/values.yaml
284+
sed -i.bak -E 's/^( *auditVersion:).*/\1 "$(KUBE_MINOR)"/' deploy/chart/values.yaml
285+
sed -i.bak -E 's/^( *warnVersion:).*/\1 "$(KUBE_MINOR)"/' deploy/chart/values.yaml
286+
rm deploy/chart/values.yaml.bak
280287

281288
.PHONY: manifests
282289
manifests: vendor #HELP Copy OLM API CRD manifests to deploy/chart/crds
@@ -313,8 +320,12 @@ verify-mockgen: mockgen #HELP Check mocks are up to date
313320
verify-manifests: manifests #HELP Check CRD manifests are up to date
314321
$(MAKE) diff
315322

323+
.PHONY: verify-update-k8s-values
324+
verify-update-k8s-values: update-k8s-values #HELP Check if Helm Chart values are updated with k8s version
325+
$(MAKE) diff
326+
316327
.PHONY: verify
317-
verify: vendor verify-codegen verify-mockgen verify-manifests #HELP Run all verification checks
328+
verify: vendor verify-codegen verify-mockgen verify-manifests verify-update-k8s-values #HELP Run all verification checks
318329
$(MAKE) diff
319330

320331
#SECTION Release

deploy/chart/values.yaml

+4-4
Original file line numberDiff line numberDiff line change
@@ -3,17 +3,17 @@ namespace: operator-lifecycle-manager
33
# see https://kubernetes.io/docs/concepts/security/pod-security-admission/ for more details
44
namespace_psa:
55
enforceLevel: baseline
6-
enforceVersion: latest
6+
enforceVersion: "1.32"
77
auditLevel: restricted
8-
auditVersion: latest
8+
auditVersion: "1.32"
99
warnLevel: restricted
10-
warnVersion: latest
10+
warnVersion: "1.32"
1111
catalog_namespace: operator-lifecycle-manager
1212
operator_namespace: operators
1313
# see https://kubernetes.io/docs/concepts/security/pod-security-admission/ for more details
1414
operator_namespace_psa:
1515
enforceLevel: baseline
16-
enforceVersion: latest
16+
enforceVersion: "1.32"
1717
minKubeVersion: 1.11.0
1818
writeStatusName: '""'
1919
imagestream: false

0 commit comments

Comments
 (0)