tidied up scc

templates/scc-rbac.yaml

@@ -1,27 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: vault-restricted-scc-role
-rules:
-- apiGroups:
-  - security.openshift.io
-  resources:
-  - securitycontextconstraints
-  resourceNames:
-  - vault-restricted
-  verbs:
-  - use
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: vault-restricted-scc-binding
-  namespace: {{ .Release.Namespace }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: vault-restricted-scc-role
-subjects:
-- kind: ServiceAccount
-  name: vault
-  namespace: {{ .Release.Namespace }}

templates/scc.yaml

@@ -1,24 +0,0 @@
-kind: SecurityContextConstraints
-apiVersion: security.openshift.io/v1
-metadata:
-  name: vault-restricted
-allowPrivilegedContainer: false
-allowHostDirVolumePlugin: false
-allowHostIPC: false
-allowHostNetwork: false
-allowHostPID: false
-allowHostPorts: false
-runAsUser:
-  type: MustRunAs
-  uid: 100
-seLinuxContext:
-  type: MustRunAs
-fsGroup:
-  type: MustRunAs
-supplementalGroups:
-  type: RunAsAny
-defaultAddCapabilities: []
-requiredDropCapabilities:
-- ALL
-users: []
-groups: []