fix(pkg/rke2): psa custom path #3665
Conversation
|
Anyone is available to review this ? |
|
I believe this was intended behavior - we only write the default config file. If you provide your own config file path, it will be used, but you are responsible for populating it with the correct content. I would defer to @galal-hussein on that though. |
|
To be clear @perriea - you object to the fact that RKE2 is writing the default configuration file out to the fixed location, even if you've specified a custom path that already contains your desired configuration? |
|
Yes, otherwise I don't understand the existence of this flag which at this moment is useless or no sense 😅 |
|
Correct me if i'm wrong @perriea, but I think the point of this flag is for us to provide our own version of the |
Proposed Changes
In fact, a
pod-security-admission-config-fileflag exists to define an arbitrary path for the PSA. But even if the flag is set, the file is still created at/etc/rancher/rke2/rke2-pss.yaml(defaultPSAConfigFile). This is incorrect behavior.Types of Changes
Bugfix
Linked Issues
/!\ This flag isn't registered in the documentation #3440