fix(helm): scc indentation (#492)

razvan · web-flow · commit 9bba989bb87a · 2024-08-19T10:04:52.000Z
diff --git a/deploy/helm/secret-operator/templates/roles.yaml b/deploy/helm/secret-operator/templates/roles.yaml
@@ -1,39 +1,39 @@
 {{ if .Capabilities.APIVersions.Has "security.openshift.io/v1" }}
 ---
-    apiVersion: security.openshift.io/v1
-    kind: SecurityContextConstraints
-    metadata:
-      name: stackable-secret-operator-scc
-      annotations:
-        kubernetes.io/description: SCC for Stackable secret operator
-    allowHostDirVolumePlugin: true
-    allowHostIPC: false
-    allowHostNetwork: false
-    allowHostPID: false
-    allowHostPorts: false
-    allowPrivilegeEscalation: true
-    allowPrivilegedContainer: true # Needed because otherwise we get spec.template.spec.containers[0].volumeMounts.mountPropagation: Forbidden: Bidirectional mount propagation is available only to privileged containers
-    allowedCapabilities: null
-    defaultAddCapabilities: null
-    fsGroup:
-      type: RunAsAny
-    groups: []
-    priority: null
-    readOnlyRootFilesystem: false
-    requiredDropCapabilities:
-    - MKNOD
-    runAsUser:
-      type: RunAsAny
-    seLinuxContext:
-      type: MustRunAs
-    supplementalGroups:
-      type: RunAsAny
-    users: []
-    volumes:
-    - downwardAPI
-    - projected
-    - hostPath
-    - emptyDir
+apiVersion: security.openshift.io/v1
+kind: SecurityContextConstraints
+metadata:
+  name: stackable-secret-operator-scc
+  annotations:
+    kubernetes.io/description: SCC for Stackable secret operator
+allowHostDirVolumePlugin: true
+allowHostIPC: false
+allowHostNetwork: false
+allowHostPID: false
+allowHostPorts: false
+allowPrivilegeEscalation: true
+allowPrivilegedContainer: true # Needed because otherwise we get spec.template.spec.containers[0].volumeMounts.mountPropagation: Forbidden: Bidirectional mount propagation is available only to privileged containers
+allowedCapabilities: null
+defaultAddCapabilities: null
+fsGroup:
+  type: RunAsAny
+groups: []
+priority: null
+readOnlyRootFilesystem: false
+requiredDropCapabilities:
+- MKNOD
+runAsUser:
+  type: RunAsAny
+seLinuxContext:
+  type: MustRunAs
+supplementalGroups:
+  type: RunAsAny
+users: []
+volumes:
+- downwardAPI
+- projected
+- hostPath
+- emptyDir
 {{ end  }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
