Rename pod-security policy engine reference to pod-security-standards.

educates · May 4, 2022 · ea8a85d · ea8a85d
1 parent 2cf0f75
commit ea8a85d
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 6 deletions.
diff --git a/carvel-package/bundle/config/00-schema.yaml b/carvel-package/bundle/config/00-schema.yaml
@@ -112,7 +112,7 @@ clusterSecrets:
       name: ""
 
 #! Policy engine used to enforce security. Options are "pod-security-policies",
-#! "pod-security", "kyverno" and "none".
+#! "pod-security-standards", "kyverno" and "none".
 
 clusterSecurity:
 

diff --git a/session-manager/handlers/trainingportal.py b/session-manager/handlers/trainingportal.py
@@ -186,7 +186,7 @@ def training_portal_create(name, uid, body, spec, status, patch, **_):
         },
     }
 
-    if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security":
+    if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security-standards":
         namespace_body["metadata"]["labels"][
             "pod-security.kubernetes.io/enforce"
         ] = "restricted"

diff --git a/session-manager/handlers/workshopenvironment.py b/session-manager/handlers/workshopenvironment.py
@@ -129,7 +129,7 @@ def workshop_environment_create(name, meta, spec, patch, logger, **_):
         },
     }
 
-    if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security":
+    if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security-standards":
         namespace_body["metadata"]["labels"][
             "pod-security.kubernetes.io/enforce"
         ] = "privileged"

diff --git a/session-manager/handlers/workshopsession.py b/session-manager/handlers/workshopsession.py
@@ -1039,7 +1039,7 @@ def resolve_security_policy(name):
         },
     }
 
-    if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security":
+    if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security-standards":
         namespace_body["metadata"]["labels"][
             "pod-security.kubernetes.io/enforce"
         ] = namespace_security_policy
@@ -1271,7 +1271,7 @@ def resolve_security_policy(name):
                 },
             }
 
-            if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security":
+            if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security-standards":
                 namespace_body["metadata"]["labels"][
                     "pod-security.kubernetes.io/enforce"
                 ] = target_security_policy
@@ -1368,7 +1368,7 @@ def resolve_security_policy(name):
                 }
             )
 
-            if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security":
+            if CLUSTER_SECURITY_POLICY_ENGINE == "pod-security-standards":
                 object_body["metadata"]["labels"][
                     "pod-security.kubernetes.io/enforce"
                 ] = target_security_policy