From 2a146b512dd38c92f97667218ca34a6cf7e91e90 Mon Sep 17 00:00:00 2001
From: souravbiswassanto
Date: Fri, 9 Feb 2024 15:20:53 +0600
Subject: [PATCH] remove code

Signed-off-by: souravbiswassanto
---
 apis/kubedb/v1alpha2/postgres_helpers.go | 33 ------------------------
 1 file changed, 33 deletions(-)

diff --git a/apis/kubedb/v1alpha2/postgres_helpers.go b/apis/kubedb/v1alpha2/postgres_helpers.go
index 78f2fb222f..fad3565c0c 100644
--- a/apis/kubedb/v1alpha2/postgres_helpers.go
+++ b/apis/kubedb/v1alpha2/postgres_helpers.go
@@ -337,42 +337,9 @@ func (p *Postgres) setDefaultContainerSecurityContext(podTemplate *ofst.PodTempl
 if podTemplate.Spec.SecurityContext.FSGroup == nil {
 podTemplate.Spec.SecurityContext.FSGroup = pgVersion.Spec.SecurityContext.RunAsUser
 }
- p.setDefaultCapabilitiesForPostgres(podTemplate.Spec.ContainerSecurityContext)
 p.assignDefaultContainerSecurityContext(podTemplate.Spec.ContainerSecurityContext, pgVersion)
 }
 
-func (p *Postgres) setDefaultCapabilitiesForPostgres(sc *core.SecurityContext) {
- if sc.Capabilities == nil {
- sc.Capabilities = &core.Capabilities{
- Drop: []core.Capability{"ALL"},
- }
- } else if sc.Capabilities.Drop == nil && p.matchedPreviousCapabilities(sc) {
- sc.Capabilities = &core.Capabilities{
- Drop: []core.Capability{"ALL"},
- }
- }
-}
-
-func (p *Postgres) matchedPreviousCapabilities(sc *core.SecurityContext) bool {
- caps := sc.Capabilities.Add
- capPattern := []core.Capability{IPS_LOCK, SYS_RESOURCE}
- if len(caps) != len(capPattern) {
- return false
- }
- for i := range caps {
- found := false
- for _, capability := range capPattern {
- if caps[i] == capability {
- found = true
- }
- }
- if !found {
- return false
- }
- }
- return true
-}
-
 func (p *Postgres) assignDefaultContainerSecurityContext(sc *core.SecurityContext, pgVersion *catalog.PostgresVersion) {
 if sc.AllowPrivilegeEscalation == nil {
 sc.AllowPrivilegeEscalation = pointer.BoolP(false)