Skip to content
This repository has been archived by the owner on Sep 26, 2023. It is now read-only.

Commit

Permalink
Stop setting seccompProfile on the operator pods
Browse files Browse the repository at this point in the history
This allows OpenShift to set the correct profile automatically for
backwards compatibility with OCP 4.10.

Signed-off-by: mprahl <[email protected]>
  • Loading branch information
mprahl committed Sep 19, 2023
1 parent 6ebf4a0 commit 62dab1f
Show file tree
Hide file tree
Showing 4 changed files with 0 additions and 12 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -367,8 +367,6 @@ spec:
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
- args:
- --health-probe-bind-address=:8081
- --metrics-bind-address=127.0.0.1:8080
Expand Down Expand Up @@ -405,8 +403,6 @@ spec:
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true
serviceAccountName: gatekeeper-operator-controller-manager
Expand Down
2 changes: 0 additions & 2 deletions config/default/manager_auth_proxy_patch.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,6 @@ spec:
name: https
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
Expand Down
2 changes: 0 additions & 2 deletions config/manager/manager.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,6 @@ spec:
imagePullPolicy: Always
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
Expand Down
4 changes: 0 additions & 4 deletions deploy/gatekeeper-operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1704,8 +1704,6 @@ spec:
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
- args:
- --health-probe-bind-address=:8081
- --metrics-bind-address=127.0.0.1:8080
Expand Down Expand Up @@ -1742,8 +1740,6 @@ spec:
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true
serviceAccountName: gatekeeper-operator-controller-manager
Expand Down

0 comments on commit 62dab1f

Please sign in to comment.