From e2046749ac08c5cc5e37bb4ae8b86bd330cac743 Mon Sep 17 00:00:00 2001 From: Alejandro Macedo Date: Tue, 19 Aug 2025 04:57:36 -0500 Subject: [PATCH] Fix: Change "empty" definition for PodSecurity Admission configuration (#12439) Fixes a bug where `kube-apiserver` fails to start if the PodSecurity configuration file doesn't have the `apiVersion` and `kind` keys. Signed-off-by: Alejandro Macedo --- roles/kubernetes/control-plane/templates/podsecurity.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kubernetes/control-plane/templates/podsecurity.yaml.j2 b/roles/kubernetes/control-plane/templates/podsecurity.yaml.j2 index c97373306..f3f02d2c2 100644 --- a/roles/kubernetes/control-plane/templates/podsecurity.yaml.j2 +++ b/roles/kubernetes/control-plane/templates/podsecurity.yaml.j2 @@ -1,6 +1,6 @@ -{% if kube_pod_security_use_default %} apiVersion: pod-security.admission.config.k8s.io/v1 kind: PodSecurityConfiguration +{% if kube_pod_security_use_default %} defaults: enforce: "{{ kube_pod_security_default_enforce }}" enforce-version: "{{ kube_pod_security_default_enforce_version }}"