redis · kaitlynmichael · Apr 15, 2025 · Apr 15, 2025 · Apr 15, 2025
diff --git a/content/embeds/k8s/multi-ns_role.md b/content/embeds/k8s/multi-ns_role.md
@@ -8,7 +8,12 @@ metadata:
 rules:
   - apiGroups:
       - app.redislabs.com
-    resources: ["redisenterprisedatabases", "redisenterprisedatabases/status", "redisenterprisedatabases/finalizers"]
+    resources: ["redisenterprisedatabases",
+                "redisenterprisedatabases/status",
+                "redisenterprisedatabases/finalizers",
+                "redisenterpriseactiveactivedatabases",
+                "redisenterpriseactiveactivedatabases/status",
+                "redisenterpriseactiveactivedatabases/finalizers"]
     verbs: ["delete", "get", "list", "patch", "create", "update", "watch"]
   - apiGroups: [""]
     resources: ["secrets"]
@@ -18,7 +23,7 @@ rules:
     verbs: ["get", "list", "watch"]
   - apiGroups: [""]
     resources: ["events"]
-    verbs: ["create"]
+    verbs: ["create", "patch"]
   - apiGroups: [""]
     resources: ["services"]
     verbs: ["get", "list", "update", "patch", "create", "delete", "watch"]

diff --git a/content/embeds/k8s/openshift_rec.md b/content/embeds/k8s/openshift_rec.md
@@ -26,7 +26,7 @@ spec:
       memory: 4Gi
   redisEnterpriseImageSpec:
     repository: registry.connect.redhat.com/redislabs/redis-enterprise
-    versionTag: 7.8.6-13
+    versionTag: 7.22.0-28
   redisEnterpriseServicesRiggerImageSpec:
     repository: registry.connect.redhat.com/redislabs/services-manager
   bootstrapperImageSpec:

diff --git a/content/embeds/k8s/openshift_role.md b/content/embeds/k8s/openshift_role.md
@@ -72,6 +72,18 @@ rules:
       - update
       - list
       - watch
+  - apiGroups:
+      - batch
+    resources:
+      - cronjobs
+    verbs:
+      - create
+      - delete
+      - get
+      - patch
+      - update
+      - list
+      - watch
   - apiGroups:
       - policy
     resources:
@@ -169,7 +181,7 @@ rules:
   - apiGroups:
       - security.openshift.io
     resourceNames:
-      - nonroot
+      - nonroot-v2
     resources:
       - securitycontextconstraints
     verbs:

diff --git a/content/embeds/k8s/openshift_scc.md b/content/embeds/k8s/openshift_scc.md
@@ -4,15 +4,15 @@ kind: SecurityContextConstraints
 metadata:
   name: redis-enterprise-scc-v2
   annotations:
-    kubernetes.io/description: redis-enterprise-scc-v2 is the minimal SCC needed to run Redis Enterprise nodes on Kubernetes. It provides the same features as restricted-v2 SCC, but allows pods to enable the SYS_RESOURCE capability, which is required by Redis Enterprise nodes to manage file descriptor limits and OOM scores for database shards. Additionally, it requires pods to run as UID/GID 1001, which are the UID/GID used within the Redis Enterprise node containers.
+    kubernetes.io/description: redis-enterprise-scc-v2 is the minimal SCC needed to run Redis Enterprise nodes on Kubernetes with automatic FD limit adjustment enabled. It provides the same features as restricted-v2 SCC, but allows pods to enable the SYS_RESOURCE capability, which is required by Redis Enterprise nodes to manage file descriptor limits and OOM scores for database shards. Additionally, it requires pods to run as UID/GID 1001, which are the UID/GID used within the Redis Enterprise node containers.
 allowedCapabilities:
   - SYS_RESOURCE
 allowHostDirVolumePlugin: false
 allowHostIPC: false
 allowHostNetwork: false
 allowHostPID: false
 allowHostPorts: false
-allowPrivilegeEscalation: false
+allowPrivilegeEscalation: true
 allowPrivilegedContainer: false
 readOnlyRootFilesystem: false
 runAsUser:

diff --git a/content/embeds/k8s/role.md b/content/embeds/k8s/role.md
@@ -72,6 +72,18 @@ rules:
       - update
       - list
       - watch
+  - apiGroups:
+      - batch
+    resources:
+      - cronjobs
+    verbs:
+      - create
+      - delete
+      - get
+      - patch
+      - update
+      - list
+      - watch
   - apiGroups:
       - policy
     resources: