{{ if eq .Values.global.platform "openshift" }} allowHostDirVolumePlugin: false allowHostIPC: false allowHostNetwork: false allowHostPID: false allowHostPorts: false allowPrivilegedContainer: false allowedCapabilities: [] allowedFlexVolumes: [] apiVersion: security.openshift.io/v1 defaultAddCapabilities: [] fsGroup: type: MustRunAs ranges: - max: 0 min: 0 groups: [] kind: SecurityContextConstraints metadata: annotations: "helm.sh/hook": "pre-install" labels: app: jenkins {{- include "jenkins-operator.labels" . | nindent 4 }} name: jenkins-{{.Values.global.edpName}} priority: 1 readOnlyRootFilesystem: false requiredDropCapabilities: [] runAsUser: type: MustRunAs uid: 999 seLinuxContext: type: MustRunAs supplementalGroups: type: RunAsAny users: - system:serviceaccount:{{.Values.global.edpName}}:jenkins volumes: - configMap - downwardAPI - emptyDir - persistentVolumeClaim - projected - secret {{end}}