From 568be18298c0e82c3db368727164643ebadba3e0 Mon Sep 17 00:00:00 2001
From: Chris Burke
Date: Mon, 19 Sep 2022 12:43:16 +1200
Subject: [PATCH 1/2] fix: Change 'securityContext/capabilities/drop' from 'all' to 'ALL'.
Signed-off-by: Chris Burke
---
 cmd/build/helmify/static/values.yaml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/cmd/build/helmify/static/values.yaml b/cmd/build/helmify/static/values.yaml
index 216bf4274ea..52981ac782b 100644
--- a/cmd/build/helmify/static/values.yaml
+++ b/cmd/build/helmify/static/values.yaml
@@ -56,7 +56,7 @@ postUpgrade:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -94,7 +94,7 @@ postInstall:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -116,7 +116,7 @@ preUninstall:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -170,7 +170,7 @@ controllerManager:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -203,7 +203,7 @@ audit:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -223,7 +223,7 @@ crds:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 65532
 runAsNonRoot: true
From c49e260ac84c03d77d18d172e047f1a7c60d7aef Mon Sep 17 00:00:00 2001
From: Chris Burke
Date: Tue, 20 Sep 2022 08:51:52 +1200
Subject: [PATCH 2/2] fix: Results of 'make manifests.
Signed-off-by: Chris Burke
---
 manifest_staging/charts/gatekeeper/values.yaml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
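Review bot: The six `drop:` entries changed in cmd/build/helmify/static/values.yaml (postUpgrade, postInstall, preUninstall, controllerManager, audit, crds) carry no comment saying that the upper-case spelling is required, so a later tidy-up could quietly revert it. Kubernetes Pod Security admission's `restricted` check matches the capability name against the exact string `ALL`, so `all` is flagged as a violation even on runtimes that may treat the two spellings alike. I would put `# Must stay upper-case: the Pod Security "restricted" check only accepts the exact string ALL` above `- ALL` in the first hunk and repeat it in the other five. Each securityContext mapping starts before its hunk, so whether the other `restricted` requirements such as `seccompProfile` are set cannot be judged from these lines and is worth confirming.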
diff --git a/manifest_staging/charts/gatekeeper/values.yaml b/manifest_staging/charts/gatekeeper/values.yaml
index 216bf4274ea..52981ac782b 100644
--- a/manifest_staging/charts/gatekeeper/values.yaml
+++ b/manifest_staging/charts/gatekeeper/values.yaml
@@ -56,7 +56,7 @@ postUpgrade:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -94,7 +94,7 @@ postInstall:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -116,7 +116,7 @@ preUninstall:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -170,7 +170,7 @@ controllerManager:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -203,7 +203,7 @@ audit:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 999
 runAsNonRoot: true
@@ -223,7 +223,7 @@ crds:
 allowPrivilegeEscalation: false
 capabilities:
 drop:
- - all
+ - ALL
 readOnlyRootFilesystem: true
 runAsGroup: 65532
 runAsNonRoot: true