From 4c55dc026bea04139f412346db92ed150920c930 Mon Sep 17 00:00:00 2001
From: psychosis448 <psychosis448@protonmail.com>
Date: Wed, 26 Jan 2022 20:33:46 +0100
Subject: [PATCH 1/2] add default seccomp profile

---
 config/101-podsecuritypolicy.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/101-podsecuritypolicy.yaml b/config/101-podsecuritypolicy.yaml
index f275c99f549..8606cda71ab 100644
--- a/config/101-podsecuritypolicy.yaml
+++ b/config/101-podsecuritypolicy.yaml
@@ -21,6 +21,7 @@ metadata:
     app.kubernetes.io/part-of: tekton-pipelines
   annotations:
     seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'
+    seccomp.security.alpha.kubernetes.io/defaultProfileName: runtime/default
     apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
     apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
 spec:

From cf75161580ff4d995beb9a57a720c7a316fb44d3 Mon Sep 17 00:00:00 2001
From: psychosis448 <psychosis448@protonmail.com>
Date: Thu, 3 Feb 2022 22:14:17 +0100
Subject: [PATCH 2/2] properly quote default seccomp profile

---
 config/101-podsecuritypolicy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/101-podsecuritypolicy.yaml b/config/101-podsecuritypolicy.yaml
index 8606cda71ab..f5f602d6e9b 100644
--- a/config/101-podsecuritypolicy.yaml
+++ b/config/101-podsecuritypolicy.yaml
@@ -21,7 +21,7 @@ metadata:
     app.kubernetes.io/part-of: tekton-pipelines
   annotations:
     seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'
-    seccomp.security.alpha.kubernetes.io/defaultProfileName: runtime/default
+    seccomp.security.alpha.kubernetes.io/defaultProfileName: 'runtime/default'
     apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
     apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
 spec: