From c0d439cff9730e67a54d85e12dbfdcb3f118fe02 Mon Sep 17 00:00:00 2001
From: Andrej Krejcir <akrejcir@redhat.com>
Date: Thu, 19 Aug 2021 12:02:12 +0200
Subject: [PATCH] Change securityContext on operator, so that scc is
 'restricted'

This change will allow the SCC to be 'restricted',
otherwise it will be 'privileged'

Signed-off-by: Andrej Krejcir <akrejcir@redhat.com>
---
 config/manager/manager.template.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/manager/manager.template.yaml b/config/manager/manager.template.yaml
index 851db2603..3b1089eb3 100644
--- a/config/manager/manager.template.yaml
+++ b/config/manager/manager.template.yaml
@@ -19,7 +19,7 @@ spec:
       serviceAccountName: ssp-operator
       priorityClassName: system-cluster-critical
       securityContext:
-        runAsUser: 1000
+        runAsNonRoot: true
       containers:
       - command:
         - /manager