Grant Tekton additional privileges on OpenShift

[adambkaplan]

When deploying Tekton on openshift, grant the tekton-pipelines-
controller use of the priveleged security context constraint. This
will let the Tekton controller create privileged containers. Build
strategies such as buildah currently require use of the priveleged SCC.

Fixes #378

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign adambkaplan
You can assign the PR to them by writing /assign @adambkaplan in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[adambkaplan]

/assign @SaschaSchwarze0

[SaschaSchwarze0]

/test 4.4-unit

[SaschaSchwarze0]

@adambkaplan this code is vendor-specific. We feel this is not suitable for upstream. We have similar use cases in our service that we handle downstream, like (in the build operator deployment) specifying the number of replicas and the pod anti-affinity rules. If you feel this needs to be in shipwright, then let's maybe discuss it on Monday.

[adambkaplan]

That's fair to not include vendor-specific code. Perhaps we document this as an additional installation step for folks using OKD/OpenShift?

[adambkaplan]

/close

This will be addressed in openshift/okd specific documentation.

[openshift-ci-robot]

@adambkaplan: Closed this PR.

In response to this:

/close

This will be addressed in openshift/okd specific documentation.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.