UPSTREAM: <carry>: namespace: use privileged PSA for audit and warn levels

joelanford · ci-robot · commit 9cfa7819c4a7 · 2025-02-15T00:06:57.000Z
Signed-off-by: Joe Lanford &lt;joe.lanford@gmail.com&gt;
diff --git a/openshift/kustomize/overlays/openshift/olmv1-ns/patches/manager_namespace_privileged.yaml b/openshift/kustomize/overlays/openshift/olmv1-ns/patches/manager_namespace_privileged.yaml
@@ -3,4 +3,9 @@ kind: Namespace
 metadata:
   name: system
   labels:
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/audit-version: latest
+    pod-security.kubernetes.io/warn: privileged
+    pod-security.kubernetes.io/warn-version: latest
     pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/enforce-version: latest
diff --git a/openshift/manifests/00-namespace-openshift-operator-controller.yml b/openshift/manifests/00-namespace-openshift-operator-controller.yml
@@ -2,8 +2,12 @@ apiVersion: v1
 kind: Namespace
 metadata:
   labels:
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/audit-version: latest
     pod-security.kubernetes.io/enforce: privileged
     pod-security.kubernetes.io/enforce-version: latest
+    pod-security.kubernetes.io/warn: privileged
+    pod-security.kubernetes.io/warn-version: latest
   name: openshift-operator-controller
   annotations:
     workload.openshift.io/allowed: management
