scripts/packageserver-deployment.patch.yaml

- command: update
  path: spec.install.spec.deployments[0].spec.template.metadata.annotations."target.workload.openshift.io/management"
  value: '{"effect": "PreferredDuringScheduling"}'
- command: update
  path: spec.install.spec.deployments[0].spec.template.spec.priorityClassName
  value: system-cluster-critical
- command: update
  path: spec.cleanup.enabled
  value: false
- command: update
  path: spec.customresourcedefinitions
  value: {}
- command: update
  path: spec.install.spec.deployments[0].spec.template.spec.containers[0].ports[0].protocol
  value: TCP
- command: update
  path: spec.install.spec.deployments[0].spec.template.metadata.creationTimestamp
  value: null
- command: update
  path: metadata.annotations
  value:
    include.release.openshift.io/self-managed-high-availability: "true"
    include.release.openshift.io/ibm-cloud-managed: "true"
- command: update
  path: spec.install.spec.deployments[0].spec.template.spec.affinity
  value:
    podAntiAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
      - labelSelector:
          matchExpressions:
          - key: app
            operator: In
            values:
            - packageserver
        topologyKey: "kubernetes.io/hostname"
- command: update
  path: spec.install.spec.deployments[0].spec.template.spec.containers[*].securityContext
  value:
    allowPrivilegeEscalation: false
    capabilities:
      drop: ["ALL"]
- command: update
  path: spec.install.spec.deployments[0].spec.template.spec.securityContext
  value:
    runAsNonRoot: true
    seccompProfile:
      type: RuntimeDefault