Fix profilerecording failed to create selinuxprofile issue

Author: xiaojiey

internal/pkg/webhooks/recording/recording.go

@@ -252,10 +252,10 @@ func (p *podSeccompRecorder) updateSecurityContext(
 	}
 
 	switch pr.Spec.Kind {
-	case profilerecordingv1alpha1.ProfileRecordingKindSeccompProfile,
-		profilerecordingv1alpha1.ProfileRecordingKindSelinuxProfile,
-		profilerecordingv1alpha1.ProfileRecordingKindAppArmorProfile:
+	case profilerecordingv1alpha1.ProfileRecordingKindSeccompProfile:
 		p.updateSeccompSecurityContext(ctr, pr)
+	case profilerecordingv1alpha1.ProfileRecordingKindSelinuxProfile:
+		p.updateSelinuxSecurityContext(ctr, pr)
 	}
 
 	p.log.Info(fmt.Sprintf(
@@ -290,6 +290,26 @@ func (p *podSeccompRecorder) updateSeccompSecurityContext(
 	ctr.SecurityContext.SeccompProfile.LocalhostProfile = &profile
 }
 
+func (p *podSeccompRecorder) updateSelinuxSecurityContext(
+	ctr *corev1.Container,
+	pr *profilerecordingv1alpha1.ProfileRecording,
+) {
+	if ctr.SecurityContext == nil {
+		ctr.SecurityContext = &corev1.SecurityContext{}
+	}
+
+	if ctr.SecurityContext.SELinuxOptions == nil {
+		ctr.SecurityContext.SELinuxOptions = &corev1.SELinuxOptions{}
+	} else {
+		p.record.Eventf(pr,
+			corev1.EventTypeWarning,
+			"SecurityContextAlreadySet",
+			"Container %s had SecurityContext already set, the profile recorder overwrote it", ctr.Name)
+	}
+
+	ctr.SecurityContext.SELinuxOptions.Type = config.SelinuxPermissiveProfile
+}
+
 func (p *podSeccompRecorder) setRecordingReferences(
 	ctx context.Context,
 	op admissionv1.Operation,