Merge pull request IBM#52 from IBM/ashima

ashimagarg27 · web-flow · commit db5024e15ff3 · 2024-11-04T15:37:32.000+05:30
remove seccomp
diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml
@@ -6,7 +6,7 @@ resources:
 - bases/objectdriver.csi.ibm.com_recoverstalevolumes.yaml
 #+kubebuilder:scaffold:crdkustomizeresource
 
-patchesStrategicMerge:
+patches:
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
 # patches here are for enabling the conversion webhook for each CRD
 #- patches/webhook_in_ibmobjectcsis.yaml
diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
@@ -8,11 +8,7 @@ namespace: ibm-object-csi-operator
 # field above.
 namePrefix: ibm-object-csi-operator-
 
-# Labels to add to all resources and selectors.
-#commonLabels:
-#  someName: someValue
-
-bases:
+resources:
 - ../crd
 - ../rbac
 - ../manager
@@ -24,11 +20,11 @@ bases:
 # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
 #- ../prometheus
 
-patchesStrategicMerge:
+patches:
 # Protect the /metrics endpoint by putting it behind auth.
 # If you want your controller-manager to expose the /metrics
 # endpoint w/o any authn/z, please comment the following line.
-- manager_auth_proxy_patch.yaml
+- path: manager_auth_proxy_patch.yaml
 
 
 
diff --git a/config/samples/csi_v1alpha1_ibmobjectcsi.yaml b/config/samples/csi_v1alpha1_ibmobjectcsi.yaml
@@ -12,7 +12,7 @@ spec:
   # and csi-provisioner, csi-attacher, csi-snapshotter and livenessprobe sidecars.
   controller:
     repository: icr.io/ibm/ibm-object-csi-driver
-    tag: "v0.1.8"
+    tag: "v0.1.14"
     imagePullPolicy: IfNotPresent
     resources:
       limits:
@@ -55,7 +55,7 @@ spec:
   # and csi-node-driver-registrar and livenessprobe sidecars.
   node:
     repository: icr.io/ibm/ibm-object-csi-driver
-    tag: "v0.1.8"
+    tag: "v0.1.14"
     imagePullPolicy: Always
 
   sidecars:
diff --git a/controllers/syncer/csi_controller.go b/controllers/syncer/csi_controller.go
@@ -160,16 +160,12 @@ func (s *csiControllerSyncer) ensureContainersSpec() []corev1.Container {
 func (s *csiControllerSyncer) ensureContainer(name, image string, args []string) corev1.Container {
 	sc := &corev1.SecurityContext{
 		AllowPrivilegeEscalation: util.False(),
-		SeccompProfile: &corev1.SeccompProfile{
-			Type: corev1.SeccompProfileTypeRuntimeDefault,
-		},
 	}
 	fillSecurityContextCapabilities(sc)
 	return corev1.Container{
-		Name:  name,
-		Image: image,
-		Args:  args,
-		//EnvFrom:         s.getEnvSourcesFor(name),
+		Name:            name,
+		Image:           image,
+		Args:            args,
 		Env:             s.getEnvFor(name),
 		VolumeMounts:    s.getVolumeMountsFor(name),
 		SecurityContext: sc,
diff --git a/controllers/syncer/csi_node.go b/controllers/syncer/csi_node.go
@@ -157,9 +157,6 @@ func (s *csiNodeSyncer) ensureContainersSpec() []corev1.Container {
 	registrar.SecurityContext = &corev1.SecurityContext{RunAsNonRoot: util.False(),
 		RunAsUser:  func(uid int64) *int64 { return &uid }(0),
 		Privileged: util.False(),
-		SeccompProfile: &corev1.SeccompProfile{
-			Type: corev1.SeccompProfileTypeRuntimeDefault,
-		},
 	}
 	fillSecurityContextCapabilities(registrar.SecurityContext)
 	registrar.ImagePullPolicy = s.getCSINodeDriverRegistrarPullPolicy()
