turn PodSecurity admission to enforce restricted globally

stlaz · stlaz · commit fe247321ae0f · 2022-07-27T10:42:43.000+02:00
Also removes the warn and audit levels as these are driven
by the enforcement policy.
diff --git a/bindata/assets/config/defaultconfig.yaml b/bindata/assets/config/defaultconfig.yaml
@@ -14,12 +14,8 @@ admission:
         kind: PodSecurityConfiguration
         apiVersion: pod-security.admission.config.k8s.io/v1beta1
         defaults:
-          enforce: "privileged"
+          enforce: "restricted"
           enforce-version: "latest"
-          audit: "restricted"
-          audit-version: "latest"
-          warn: "restricted"
-          warn-version: "latest"
         exemptions:
           usernames:
           # The build controller creates pods that are likely to be privileged
