From d47b8e44ef49ec8796501da755e2da24dc676197 Mon Sep 17 00:00:00 2001
From: mprahl <mprahl@users.noreply.github.com>
Date: Tue, 19 Sep 2023 15:02:18 -0400
Subject: [PATCH] Stop setting seccompProfile on the operator pods

This allows OpenShift to set the correct profile automatically for
backwards compatibility with OCP 4.10.

Signed-off-by: mprahl <mprahl@users.noreply.github.com>
---
 .../manifests/gatekeeper-operator.clusterserviceversion.yaml  | 4 ----
 config/default/manager_auth_proxy_patch.yaml                  | 2 --
 config/manager/manager.yaml                                   | 2 --
 deploy/gatekeeper-operator.yaml                               | 4 ----
 4 files changed, 12 deletions(-)

diff --git a/bundle/manifests/gatekeeper-operator.clusterserviceversion.yaml b/bundle/manifests/gatekeeper-operator.clusterserviceversion.yaml
index 32d0c469..78f36800 100644
--- a/bundle/manifests/gatekeeper-operator.clusterserviceversion.yaml
+++ b/bundle/manifests/gatekeeper-operator.clusterserviceversion.yaml
@@ -367,8 +367,6 @@ spec:
                   capabilities:
                     drop:
                     - ALL
-                  seccompProfile:
-                    type: RuntimeDefault
               - args:
                 - --health-probe-bind-address=:8081
                 - --metrics-bind-address=127.0.0.1:8080
@@ -405,8 +403,6 @@ spec:
                   capabilities:
                     drop:
                     - ALL
-                  seccompProfile:
-                    type: RuntimeDefault
               securityContext:
                 runAsNonRoot: true
               serviceAccountName: gatekeeper-operator-controller-manager
diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml
index dcb77d3d..f4642f46 100644
--- a/config/default/manager_auth_proxy_patch.yaml
+++ b/config/default/manager_auth_proxy_patch.yaml
@@ -22,8 +22,6 @@ spec:
           name: https
         securityContext:
           allowPrivilegeEscalation: false
-          seccompProfile:
-            type: RuntimeDefault
           capabilities:
             drop:
             - ALL
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index 8e5cdce7..f023562c 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -34,8 +34,6 @@ spec:
         imagePullPolicy: Always
         securityContext:
           allowPrivilegeEscalation: false
-          seccompProfile:
-            type: RuntimeDefault
           capabilities:
             drop:
             - ALL
diff --git a/deploy/gatekeeper-operator.yaml b/deploy/gatekeeper-operator.yaml
index 4cd6e221..7d72df45 100644
--- a/deploy/gatekeeper-operator.yaml
+++ b/deploy/gatekeeper-operator.yaml
@@ -1704,8 +1704,6 @@ spec:
           capabilities:
             drop:
             - ALL
-          seccompProfile:
-            type: RuntimeDefault
       - args:
         - --health-probe-bind-address=:8081
         - --metrics-bind-address=127.0.0.1:8080
@@ -1742,8 +1740,6 @@ spec:
           capabilities:
             drop:
             - ALL
-          seccompProfile:
-            type: RuntimeDefault
       securityContext:
         runAsNonRoot: true
       serviceAccountName: gatekeeper-operator-controller-manager