Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-60458

It is better to use v1 instead of still v1beta1 for PodSecurityConfiguration in hypershift hosted cluster

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • Moderate
    • None
    • None
    • None
    • None
    • Done
    • Release Note Not Required
    • N/A
    • None
    • None
    • None
    • None

      This is a clone of issue OCPBUGS-57588. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-57115. The following is the description of the original issue:

      Description of problem:

      The hypershift hosted cluster still uses v1beta1 for PodSecurityConfiguration. But k8s upstream and OCP both use v1. E.g. for k8s, https://v1-29.docs.kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-admission-controller/#configure-the-admission-controller shows "pod-security.admission.config.k8s.io/v1", and says "pod-security.admission.config.k8s.io/v1 configuration requires v1.25+. For v1.23 and v1.24, use v1beta1". For OCP 4.14+, v1 is already used.

      Version-Release number of selected component (if applicable):

      4.20.0-0.nightly-2025-06-03-010923

      How reproducible:

      Always

      Steps to Reproduce:

      1. $ oc get --kubeconfig=$MGMT_KUBECONFIG cm/kas-config -n clusters-$HC_NAME -ojsonpath='{.data.config\.json}' | jq '.admission.pluginConfig.PodSecurity'

      Actual results:

      1. Shows:
        "configuration": {
          "kind": "PodSecurityConfiguration",
          "apiVersion": "pod-security.admission.config.k8s.io/v1beta1",
      

      Expected results:

      1. Should show "apiVersion": "pod-security.admission.config.k8s.io/v1" instead.

      Additional info:

       

              jparrill@redhat.com Juan Manuel Parrilla Madrid
              openshift-crt-jira-prow OpenShift Prow Bot
              None
              None
              Yu Li Yu Li
              None
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: