openstack-helm-infra/ceph-osd/values_overrides/apparmor.yaml

---
pod:
  mandatory_access_control:
    type: apparmor
    ceph-osd-default:
      ceph-osd-default: runtime/default
      log-runner: runtime/default
      ceph-init-dirs: runtime/default
      ceph-log-ownership: runtime/default
      osd-init: runtime/default
      init: runtime/default
    ceph-osd-test:
      init: runtime/default
      ceph-cluster-helm-test: runtime/default
    ceph-osd-post-apply:
      ceph-osd-post-apply: runtime/default
      init: runtime/default
  lifecycle:
    upgrades:
      daemonsets:
        pod_replacement_strategy: OnDelete
...