From 9954ce1e9910d9dc1e624cb9ea7e73f5e6ded40f Mon Sep 17 00:00:00 2001
From: Ciara Stacke <c.stacke@f5.com>
Date: Thu, 13 Apr 2023 10:35:08 +0100
Subject: [PATCH] fix: update SCC

---
 resources/scc.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/resources/scc.yaml b/resources/scc.yaml
index b95b83a3..717846cc 100644
--- a/resources/scc.yaml
+++ b/resources/scc.yaml
@@ -3,7 +3,7 @@ kind: SecurityContextConstraints
 apiVersion: security.openshift.io/v1
 metadata:
   name: nginx-ingress-admin
-allowPrivilegedContainer: true
+allowPrivilegedContainer: false
 runAsUser:
   type: MustRunAs
   uid: 101
@@ -19,10 +19,10 @@ allowHostPorts: false
 allowHostDirVolumePlugin: false
 allowHostIPC: false
 readOnlyRootFilesystem: false
+seccompProfiles:    
+- runtime/default
 volumes:
  - secret
-defaultAddCapabilities:
- - "NET_BIND_SERVICE"
 requiredDropCapabilities:
  - ALL
 users: