For those who are interested, the
PodSecurity feature has graduated to beta and will be enabled by default in Kubernetes 1.23. You can start a development cluster from kubernetes/kubernetes
master to try it out now.
cd pod-security-admission/webhook
To remove the webhook once you're done trying it out (or once the cluster is upgraded to a version with the built-in admission plugin enabled), delete the same manifests used to create it:
As always, early feedback is appreciated. Feel free to jump into #sig-auth slack with questions, or
file issues you encounter (tag with `/sig auth`).
Many thanks to all who helped with the definition, implementation, and reviews for this!
Jordan