reverted changes

Author: yairsappir

.circleci/tests/golden/wiz-outpost-lite/remediation-special-security-context.golden.yaml

@@ -1,17 +1,4 @@
 ---
-# Source: wiz-outpost-lite/templates/serviceaccount.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: sa-remediation-aws-rds-003
-  labels:
-    helm.sh/chart: "GOLDEN_STATIC_VALUE"
-    app.kubernetes.io/name: wiz-outpost-lite
-    app.kubernetes.io/instance: release-test
-    wiz.io/runner: "remediation-aws-rds-003"
-    app.kubernetes.io/version: "0.1.0"
-    app.kubernetes.io/managed-by: Helm
----
 # Source: wiz-outpost-lite/templates/credentials.secret.yaml
 apiVersion: v1
 kind: Secret
@@ -79,9 +66,6 @@ spec:
         app.kubernetes.io/instance: release-test
         wiz.io/runner: "remediation-aws-rds-003"
     spec:
-      serviceAccountName: sa-remediation-aws-rds-003
-      securityContext:
-        runAsNonRoot: false
       restartPolicy: Always
       containers:
         - name: wiz-outpost-lite-remediation-aws-rds-003
@@ -174,6 +158,8 @@ spec:
             capabilities:
               add:
               - SYS_ADMIN
+            seLinuxOptions:
+              type: spc_t
           volumeMounts:
             - mountPath: /var/wiz
               name: working-dir

.circleci/tests/golden/wiz-outpost-lite/remediation.golden.yaml

@@ -1,18 +1,4 @@
 ---
-# Source: wiz-outpost-lite/templates/serviceaccount.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: sa-remediation-aws-rds-003
-  namespace: release-helm-namespace
-  labels:
-    helm.sh/chart: "GOLDEN_STATIC_VALUE"
-    app.kubernetes.io/name: wiz-outpost-lite
-    app.kubernetes.io/instance: release-test
-    wiz.io/runner: "remediation-aws-rds-003"
-    app.kubernetes.io/version: "0.1.0"
-    app.kubernetes.io/managed-by: Helm
----
 # Source: wiz-outpost-lite/templates/credentials.secret.yaml
 apiVersion: v1
 kind: Secret
@@ -80,12 +66,6 @@ spec:
         app.kubernetes.io/instance: release-test
         wiz.io/runner: "remediation-aws-rds-003"
     spec:
-      serviceAccountName: sa-remediation-aws-rds-003
-      securityContext:
-        fsGroup: 1000
-        runAsGroup: 1000
-        runAsNonRoot: true
-        runAsUser: 1000
       restartPolicy: Always
       containers:
         - name: wiz-outpost-lite-remediation-aws-rds-003
@@ -175,17 +155,11 @@ spec:
             requests:
               memory: 1024M
           securityContext:
-            allowPrivilegeEscalation: false
             capabilities:
-              drop:
-              - ALL
-            privileged: false
-            readOnlyRootFilesystem: true
-            runAsGroup: 1000
-            runAsNonRoot: true
-            runAsUser: 1000
+              add:
+              - SYS_ADMIN
             seLinuxOptions:
-              type: container_t
+              type: spc_t
           volumeMounts:
             - mountPath: /var/wiz
               name: working-dir

.circleci/tests/golden/wiz-outpost-lite/vcs.golden.yaml

@@ -93,7 +93,7 @@ spec:
       restartPolicy: Always
       containers:
         - name: wiz-outpost-lite-vcs-event-triggered
-          image: "wizio.azurecr.io/outpost-lite-runner-vcs-event-triggered:0.1-latest"
+          image: "wizio.azurecr.io/outpost-lite-runner-vcs:0.1-latest"
           command: [ "/entrypoint"]
           imagePullPolicy: Always
           env:
@@ -236,7 +236,7 @@ spec:
       restartPolicy: Always
       containers:
         - name: wiz-outpost-lite-vcs-scheduled
-          image: "wizio.azurecr.io/outpost-lite-runner-vcs-scheduled:0.1-latest"
+          image: "wizio.azurecr.io/outpost-lite-runner-vcs:0.1-latest"
           command: [ "/entrypoint"]
           imagePullPolicy: Always
           env:

.circleci/tests/testfiles/wiz-outpost-lite/remediation-special-security-context.yaml

@@ -4,14 +4,12 @@ agent:
   clientSecret: "secret-2"
   outpostId: "my-outpost-id"
 
-# Using the new hierarchical structure
 runners:
   remediation-aws-rds-003:
     enabled: true
-    module: remediation  # Reference to the module type
-    # Using the override fields
-    podSecurityContextOverride:
+    podSecurityContext:
       runAsNonRoot: false
+    # Using the override fields
     containerSecurityContextOverride:
       capabilities:
         add:

wiz-outpost-lite/values.yaml

@@ -114,10 +114,14 @@ modules:
 
 runners:
   container-registry:
-    enabled: false  
+    enabled: false
   vcs-scheduled:
     enabled: false
+    image:
+      name: outpost-lite-runner-vcs
   vcs-event-triggered:
     enabled: false
+    image:
+      name: outpost-lite-runner-vcs
     concurrency: 4
     terminationGracePeriodSeconds: 300 # 5 minutes