Does this mean that even if I could somehow add the "
capabilities.cattle.io/pspEnabled": "true" annotation to the local cluster I wouldn't be able to select the PSP for the projects I create via the UI?
I'm now thinking maybe I should create the namespaces with appropriate PSPs outside Rancher and then just have Fleet deploy the helm charts in to them for me (and that just means I have to evolve things as the pod security policies get retired and replaced in RKE2 down the line)