[PTP] Update notification namespace to be privileged

The ptp-notification application requires a privileged namespace in order to deploy and operate. This change moves the notification namespace from the baseline policy group to the privileged policy group so that it can continue to operate as it did prior to the addition of support for the Pod Security Admission controller introduced in the upversion to k8s 1.23. The privileged and baseline groups were defined in https://review.opendev.org/c/starlingx/config/+/833487 Test-plan: Pass: Update the privileged and baseline groups in common.py, restart sysinv-conductor and verify that ptp-notification is able to properly deploy. Pass: Verify that the notification namespace has the expected privileged labels. Closes-Bug: 1978737 Signed-off-by: Cole Walker <cole.walker@windriver.com> Change-Id: I5d24a8e81b32809f568a5953701cf2e0c474005e
2022-06-14 17:50:21 -04:00 · 2022-06-14 17:50:21 -04:00 · b50407b5fa
parent 2d72153e83
commit b50407b5fa
1 changed files with 2 additions and 3 deletions
--- a/sysinv/sysinv/sysinv/sysinv/helm/common.py
+++ b/sysinv/sysinv/sysinv/sysinv/helm/common.py
@ -42,11 +42,10 @@ HELM_NS_DEPLOYMENT = 'deployment'
 HELM_NS_ARMADA = 'armada'

 # namespace groups for pod security admission controller
-PRIVILEGED_NS = [HELM_NS_KUBE_SYSTEM]
+PRIVILEGED_NS = [HELM_NS_KUBE_SYSTEM, HELM_NS_NOTIFICATION]
 BASELINE_NS = [HELM_NS_CEPH, HELM_NS_NFS, HELM_NS_OPENSTACK, HELM_NS_HELM_TOOLKIT,
               HELM_NS_MONITOR, HELM_NS_RBD_PROVISIONER, HELM_NS_STORAGE_PROVISIONER,
-               HELM_NS_CERT_MANAGER, HELM_NS_VAULT, HELM_NS_NOTIFICATION,
-               HELM_NS_DEPLOYMENT, HELM_NS_ARMADA]
+               HELM_NS_CERT_MANAGER, HELM_NS_VAULT, HELM_NS_DEPLOYMENT, HELM_NS_ARMADA]
 POD_SECURITY_VERSION = 'v1.23'

 # Services