fix scc

charts/ingress-nginx/templates/default-backend-role.yaml

@@ -1,4 +1,4 @@
-{{- if and .Values.rbac.create (or .Values.podSecurityPolicy.enabled .Values.securityContextConstraints.enabled) .Values.defaultBackend.enabled -}}
+{{- if and .Values.rbac.create .Values.podSecurityPolicy.enabled .Values.defaultBackend.enabled -}}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -11,24 +11,9 @@ metadata:
   name: {{ include "ingress-nginx.fullname" . }}-backend
   namespace: {{ include "ingress-nginx.namespace" . }}
 rules:
-{{- if .Values.securityContextConstraints.enabled }}
-  - apiGroups:      [{{ template "podSecurityPolicy.apiGroup" . }}]
-    resources:      ['podsecuritypolicies']
-    verbs:          ['use']
-    {{- with .Values.defaultBackend.existingPsp }}
-    resourceNames:  [{{ . }}]
-    {{- else }}
-    resourceNames:  [{{ include "ingress-nginx.fullname" . }}-backend]
-    {{- end }}
-{{- end }}
-{{- if .Values.securityContextConstraints.enabled }}
   - apiGroups: ['security.openshift.io']
     resources: ['securitycontextconstraints']
     verbs:          ['use']
-    {{- with .Values.defaultBackend.existingScc }}
-    resourceNames:  [{{ . }}]
-    {{- else }}
     resourceNames:  [{{ include "ingress-nginx.fullname" . }}-backend]
-    {{- end }}
+
-{{- end }}
 {{- end }}

charts/ingress-nginx/templates/default-backend-scc.yaml

@@ -1,5 +1,5 @@
-apiVersion: policy/v1beta1
+apiVersion: security.openshift.io/v1
-kind: PodSecurityPolicy
+kind: SecurityContextConstraints
 metadata:
   name: {{ include "ingress-nginx.fullname" . }}-backend
   labels: