From 32f3d92d6b53b038bac2de0b1bc9321ef64b7aee Mon Sep 17 00:00:00 2001
From: Kay Yan <yankay@users.noreply.github.com>
Date: Mon, 17 Oct 2022 20:51:07 +0800
Subject: [PATCH] Remove PodSecurityPolicies in Calico (#9395)

---
 .../calico/templates/calico-apiserver.yml.j2  | 32 -------------------
 1 file changed, 32 deletions(-)

diff --git a/roles/network_plugin/calico/templates/calico-apiserver.yml.j2 b/roles/network_plugin/calico/templates/calico-apiserver.yml.j2
index 2ee15b4c8..dabc7a3f5 100644
--- a/roles/network_plugin/calico/templates/calico-apiserver.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-apiserver.yml.j2
@@ -285,35 +285,3 @@ subjects:
 - kind: ServiceAccount
   name: calico-apiserver
   namespace: calico-apiserver
-
----
-
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
-  annotations:
-    seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
-  name: calico-apiserver
-spec:
-  allowPrivilegeEscalation: false
-  fsGroup:
-    ranges:
-    - max: 65535
-      min: 1
-    rule: MustRunAs
-  hostPorts:
-  - max: 65535
-    min: 0
-  requiredDropCapabilities:
-  - ALL
-  runAsUser:
-    rule: RunAsAny
-  seLinux:
-    rule: RunAsAny
-  supplementalGroups:
-    ranges:
-    - max: 65535
-      min: 1
-    rule: MustRunAs
-  volumes:
-  - secret
-- 
GitLab