From 0eabe32b76340a838603c91178ce17e949fa473b Mon Sep 17 00:00:00 2001
From: ShravaniVangur <shravanivangur@gmail.com>
Date: Wed, 14 Aug 2024 17:22:59 +0530
Subject: [PATCH] deploy: setting RequiredDropCapabilities to ALL for ceph-csi
 scc

This commit sets the RequiredDropCapabilities of ceph-csi to "ALL".

Signed-off-by: ShravaniVangur <shravanivangur@gmail.com>
---
 api/deploy/ocp/scc.yaml                                 | 2 ++
 deploy/scc.yaml                                         | 2 ++
 vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/api/deploy/ocp/scc.yaml b/api/deploy/ocp/scc.yaml
index 921a651a3..2fa075779 100644
--- a/api/deploy/ocp/scc.yaml
+++ b/api/deploy/ocp/scc.yaml
@@ -20,6 +20,8 @@ allowHostPID: true
 allowHostIPC: true
 # Set to false as we write to RootFilesystem inside csi containers
 readOnlyRootFilesystem: false
+requiredDropCapabilities:
+  - ALL
 runAsUser:
   type: RunAsAny
 seLinuxContext:
diff --git a/deploy/scc.yaml b/deploy/scc.yaml
index 592fd2748..fbc4961a2 100644
--- a/deploy/scc.yaml
+++ b/deploy/scc.yaml
@@ -27,6 +27,8 @@ allowHostPID: true
 allowHostIPC: true
 # Set to false as we write to RootFilesystem inside csi containers
 readOnlyRootFilesystem: false
+requiredDropCapabilities:
+  - ALL
 runAsUser:
   type: RunAsAny
 seLinuxContext:
diff --git a/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml b/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml
index 921a651a3..2fa075779 100644
--- a/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml
+++ b/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml
@@ -20,6 +20,8 @@ allowHostPID: true
 allowHostIPC: true
 # Set to false as we write to RootFilesystem inside csi containers
 readOnlyRootFilesystem: false
+requiredDropCapabilities:
+  - ALL
 runAsUser:
   type: RunAsAny
 seLinuxContext: