From 7979b35e7eaccae93b07988b626a286149ee30ae Mon Sep 17 00:00:00 2001
From: Conan Scott <conanscott@gmail.com>
Date: Mon, 12 Jan 2026 19:08:12 +1100
Subject: [PATCH] Removed redundant security directives removed scc anyuid (out
 of band)

---
 scc-updates.sh |  2 --
 values.yaml    | 17 +++++++++--------
 2 files changed, 9 insertions(+), 10 deletions(-)
 delete mode 100755 scc-updates.sh

diff --git a/scc-updates.sh b/scc-updates.sh
deleted file mode 100755
index f7944c8..0000000
--- a/scc-updates.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-oc create sa peanutflix-sa -n peanutflix
-oc adm policy add-scc-to-user anyuid -z peanutflix-sa -n peanutflix
diff --git a/values.yaml b/values.yaml
index 9e0259d..cb9fa7d 100644
--- a/values.yaml
+++ b/values.yaml
@@ -88,14 +88,15 @@ pms:
   # -- Security context for PMS pods
   securityContext: {}
 
-  containerSecurityContext:
-    runAsNonRoot: true
-    allowPrivilegeEscalation: false
-    seccompProfile:
-      type: RuntimeDefault
-    capabilities:
-      drop:
-        - ALL
+  # Redundant for openshift
+  #  containerSecurityContext:
+  #    runAsNonRoot: true
+  #    allowPrivilegeEscalation: false
+  #    seccompProfile:
+  #      type: RuntimeDefault
+  #    capabilities:
+  #      drop:
+  #        - ALL
 
   # -- Enable process namespace sharing within the pod.
   shareProcessNamespace: false