rancher-partner-charts/charts/weka/csi-wekafsplugin/2.4.1/templates/controllerserver-security-context-constraint.yaml

{{- if .Capabilities.APIVersions.Has "security.openshift.io/v1/SecurityContextConstraints" }}
kind: SecurityContextConstraints
apiVersion: security.openshift.io/v1
metadata:
  name: {{ .Release.Name }}-controller-scc

allowPrivilegedContainer: true
allowHostDirVolumePlugin: true
{{- if .Values.hostNetwork }}
allowHostNetwork: true
{{- end }}
allowedVolumeTypes:
  - hostPath
  - secret
readOnlyRootFilesystem: false

runAsUser:
  type: RunAsAny
seLinuxContext:
  type: RunAsAny
fsGroup:
  type: RunAsAny
supplementalGroups:
  type: RunAsAny
users:
  - system:serviceaccount:{{ .Release.Namespace }}:{{ .Release.Name }}-controller
{{- end }}