This repository has been archived by the owner on Aug 28, 2024. It is now read-only.

Talos install issue #220

Open
d3287t328 opened this issue Aug 26, 2023 · 0 comments

```
namespace/substratus created
customresourcedefinition.apiextensions.k8s.io/datasets.substratus.ai created
customresourcedefinition.apiextensions.k8s.io/models.substratus.ai created
customresourcedefinition.apiextensions.k8s.io/notebooks.substratus.ai created
customresourcedefinition.apiextensions.k8s.io/servers.substratus.ai created
serviceaccount/controller-manager created
serviceaccount/sci created
role.rbac.authorization.k8s.io/leader-election-role created
clusterrole.rbac.authorization.k8s.io/manager-role created
clusterrole.rbac.authorization.k8s.io/metrics-reader created
clusterrole.rbac.authorization.k8s.io/proxy-role created
rolebinding.rbac.authorization.k8s.io/leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/manager-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/proxy-rolebinding created
configmap/configure-cri created
configmap/system created
service/controller-manager-metrics-service created
service/registry created
Warning: would violate PodSecurity "restricted:latest": seccompProfile (pod or containers "kube-rbac-proxy", "manager" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
deployment.apps/controller-manager created
Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "registry" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "registry" must set securityContext.capabilities.drop=["ALL"]), restricted volume types (volume "registry" uses restricted volume type "hostPath"), runAsNonRoot != true (pod or container "registry" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "registry" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
deployment.apps/registry created
Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "sci" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "sci" must set securityContext.capabilities.drop=["ALL"]), restricted volume types (volume "bucket" uses restricted volume type "hostPath"), runAsNonRoot != true (pod or container "sci" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "sci" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
deployment.apps/sci created
Warning: would violate PodSecurity "restricted:latest": host namespaces (hostPID=true), privileged (container "configure-cri" must not set securityContext.privileged=true), allowPrivilegeEscalation != false (containers "configure-cri", "pause" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "configure-cri", "pause" must set securityContext.capabilities.drop=["ALL"]), restricted volume types (volume "etc" uses restricted volume type "hostPath"), runAsNonRoot != true (pod or containers "configure-cri", "pause" must set securityContext.runAsNonRoot=true), seccompProfile (pod or containers "configure-cri", "pause" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
daemonset.apps/configure-cri created
```

This error came up in a fresh Talos cluster. Something like this might be helpful:

```yaml
# Container-level securityContext fields named in the warnings above
securityContext:
  allowPrivilegeEscalation: false
  runAsNonRoot: true
  seccompProfile:
    type: RuntimeDefault
  capabilities:
    drop:
      - ALL
```
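Added example, not part of the original issue or the Substratus project: a Python triage of `kubectl` output like the above, separating the violations that the suggested `securityContext` fields address from those (host namespaces, privileged, hostPath volumes) that the Pod Security Standards already forbid at the baseline level. The function and set names are hypothetical, and the sample is shortened from the output in the issue.

```python
import re

# Checks that the securityContext fields suggested in the issue satisfy.
FIXED_BY_SNIPPET = {
    "allowPrivilegeEscalation != false",
    "unrestricted capabilities",
    "runAsNonRoot != true",
    "seccompProfile",
}
# Checks the Pod Security Standards already forbid at the "baseline" level;
# no securityContext hardening removes them, the workload itself must change.
BASELINE_LEVEL = {"host namespaces", "privileged", "restricted volume types"}

WARNING = re.compile(r'^Warning: would violate PodSecurity "([^"]+)": (.*)$')
CHECK = re.compile(r'\s*([^(),]+?)\s*\(([^)]*)\)')  # "<check name> (<detail>)"

def triage(output):
    """Map each workload to the checks it fails, split by how they can be fixed."""
    report, pending = {}, None
    for line in output.splitlines():
        m = WARNING.match(line)
        if m:
            pending = [c.group(1) for c in CHECK.finditer(m.group(2))]
        elif pending is not None and line.endswith(" created"):
            # kubectl prints the warning just before the object it applies to.
            workload = line.rsplit(" ", 1)[0]
            report[workload] = {
                "snippet": [c for c in pending if c in FIXED_BY_SNIPPET],
                "baseline": [c for c in pending if c in BASELINE_LEVEL],
                "unknown": [c for c in pending
                            if c not in FIXED_BY_SNIPPET | BASELINE_LEVEL],
            }
            pending = None
    return report

# Constructed sample: two warnings shortened from the output in the issue.
SAMPLE = '''service/registry created
Warning: would violate PodSecurity "restricted:latest": seccompProfile (pod or containers "kube-rbac-proxy", "manager" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
deployment.apps/controller-manager created
Warning: would violate PodSecurity "restricted:latest": host namespaces (hostPID=true), privileged (container "configure-cri" must not set securityContext.privileged=true), restricted volume types (volume "etc" uses restricted volume type "hostPath"), runAsNonRoot != true (pod or containers "configure-cri", "pause" must set securityContext.runAsNonRoot=true)
daemonset.apps/configure-cri created
'''

if __name__ == "__main__":
    for workload, checks in triage(SAMPLE).items():
        print(workload, checks)
```

In the full output above, `registry`, `sci` and `configure-cri` each report at least one baseline-level check (hostPath volumes, plus `hostPID` and `privileged` for `configure-cri`), so the suggested fields alone would not clear their warnings.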