diff --git a/packages/rancher-cis-benchmark/charts/Chart.yaml b/packages/rancher-cis-benchmark/charts/Chart.yaml index a94b7c2d6..475c699a4 100644 --- a/packages/rancher-cis-benchmark/charts/Chart.yaml +++ b/packages/rancher-cis-benchmark/charts/Chart.yaml @@ -17,3 +17,4 @@ annotations: catalog.cattle.io/os: linux catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match catalog.cattle.io/rancher-version: ">= 2.6.0-0" + catalog.cattle.io/kube-version: ">=1.16.0-0" diff --git a/packages/rancher-grafana/generated-changes/patch/templates/podsecuritypolicy.yaml.patch b/packages/rancher-grafana/generated-changes/patch/templates/podsecuritypolicy.yaml.patch index f1a91fd35..439672d3e 100644 --- a/packages/rancher-grafana/generated-changes/patch/templates/podsecuritypolicy.yaml.patch +++ b/packages/rancher-grafana/generated-changes/patch/templates/podsecuritypolicy.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/templates/podsecuritypolicy.yaml +++ charts/templates/podsecuritypolicy.yaml -@@ -5,19 +5,27 @@ +@@ -5,13 +5,9 @@ name: {{ template "grafana.fullname" . }} labels: {{- include "grafana.labels" . | nindent 4 }} @@ -17,23 +17,3 @@ spec: privileged: false allowPrivilegeEscalation: false - requiredDropCapabilities: -- # Default set from Docker, with DAC_OVERRIDE and CHOWN -- - ALL -+ # The list comes from K8s' pod security standards, with only CHOWN left -+ # ref: https://kubernetes.io/docs/concepts/security/pod-security-standards/ -+ - AUDIT_WRITE -+ - DAC_OVERRIDE -+ - FOWNER -+ - FSETID -+ - KILL -+ - MKNOD -+ - NET_BIND_SERVICE -+ - SETFCAP -+ - SETGID -+ - SETPCAP -+ - SETUID -+ - SYS_CHROOT - volumes: - - 'configMap' - - 'emptyDir' diff --git a/packages/rancher-logging/generated-changes/patch/Chart.yaml.patch b/packages/rancher-logging/generated-changes/patch/Chart.yaml.patch index f42b13e65..b06e2e31b 100644 --- a/packages/rancher-logging/generated-changes/patch/Chart.yaml.patch +++ b/packages/rancher-logging/generated-changes/patch/Chart.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/Chart.yaml +++ charts/Chart.yaml -@@ -1,5 +1,19 @@ +@@ -1,5 +1,20 @@ apiVersion: v1 appVersion: 3.15.0 -description: A Helm chart to install Banzai Cloud logging-operator @@ -22,3 +22,4 @@ + catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1 + catalog.cattle.io/display-name: "Logging" + catalog.cattle.io/auto-install: rancher-logging-crd=match ++ catalog.cattle.io/kube-version: ">=1.16.0-0"