From 43522548f7b1ea184a041d6dde97fe5227a6ac32 Mon Sep 17 00:00:00 2001
From: Conan Scott <conanscott@gmail.com>
Date: Mon, 12 Jan 2026 21:19:45 +1100
Subject: [PATCH] removed old rolebinding for peanutflix

---
 manifests/scc/scc-restricted-hostpath.yaml | 38 ----------------------
 1 file changed, 38 deletions(-)
 delete mode 100644 manifests/scc/scc-restricted-hostpath.yaml

diff --git a/manifests/scc/scc-restricted-hostpath.yaml b/manifests/scc/scc-restricted-hostpath.yaml
deleted file mode 100644
index 21cd5b5..0000000
--- a/manifests/scc/scc-restricted-hostpath.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-apiVersion: security.openshift.io/v1
-kind: SecurityContextConstraints
-metadata:
-  name: restricted-hostpath
-allowHostDirVolumePlugin: true  # Needed for /dev/dri hostPath
-allowHostIPC: false
-allowHostNetwork: false
-allowHostPID: false
-allowHostPorts: false
-allowPrivilegeEscalation: false
-allowPrivilegedContainer: false
-allowedCapabilities: null
-defaultAddCapabilities: null
-fsGroup:
-  type: MustRunAs
-  ranges:
-    - min: 1000
-      max: 2000
-readOnlyRootFilesystem: false
-requiredDropCapabilities:
-  - ALL
-runAsUser:
-  type: MustRunAsRange
-  uidRangeMin: 1000
-  uidRangeMax: 2000
-seLinuxContext:
-  type: MustRunAs
-supplementalGroups:
-  type: RunAsAny
-volumes:
-  - configMap
-  - downwardAPI
-  - emptyDir
-  - hostPath  # This is what distinguishes it from restricted-s6
-  - persistentVolumeClaim
-  - projected
-  - secret
-priority: 6  # Higher than restricted-s6 (5) due to hostPath access
\ No newline at end of file