feat(#646): Got Kubernetes 1.25 working in Azure using audit with aad-pod-identity

Author: commjoen

azure/k8s-vault-azure-start.sh

@@ -35,7 +35,7 @@ export AZ_KEY_VAULT_NAME="$(terraform output -raw vault_name)"
 az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME
 
 echo "Setting up workspace PSA to restricted for default"
-kubectl apply -f ../k8s/workspace-psa.yml
+kubectl apply -f k8s/workspace-psa.yml
 
 kubectl get configmaps | grep 'secrets-file' &>/dev/null
 if [ $? == 0 ]; then

azure/k8s/workspace-psa.yml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: default
+  labels:
+    pod-security.kubernetes.io/audit: restricted
+    kubernetes.io/metadata.name: default