So I have this GKE cluster where I'm trying to do

      securityContext:
        sysctls:
          - name: fs.file-max
            value: "10000030"

And I have a PSP set:

---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: sysctl-psp
spec:
  privileged: true
  seLinux:
    rule: RunAsAny
  supplementalGroups:
    rule: RunAsAny
  runAsUser:
    rule: RunAsAny
  fsGroup:
    rule: RunAsAny
  allowedUnsafeSysctls:
  - "*"

and ofc the related roles and rolebindings. However I still get forbidden sysctl: "fs.file-max" not whitelisted while running my deployment. What am I missing?