allowHostDirVolumePlugin: false allowHostIPC: false allowHostNetwork: false allowHostPID: false allowHostPorts: false allowPrivilegedContainer: false allowedCapabilities: [] allowedFlexVolumes: [] apiVersion: security.openshift.io/v1 defaultAddCapabilities: [] fsGroup: type: MustRunAs groups: [] kind: SecurityContextConstraints metadata: labels: relatedNamespace: {{ .Release.Namespace }} app: nexus {{- include "nexus-operator.metaLabels" . | nindent 4 }} name: nexus-{{ .Release.Namespace }} priority: 1 readOnlyRootFilesystem: false requiredDropCapabilities: [] runAsUser: type: MustRunAs uid: 200 seLinuxContext: type: MustRunAs supplementalGroups: type: RunAsAny users: - system:serviceaccount:{{ .Release.Namespace }}:{{ .Values.nexus.serviceAccountName }} volumes: - configMap - downwardAPI - emptyDir - persistentVolumeClaim - projected - secret