security: Added qatlib scc yaml

Resolves intel#122
qatlib scc for IPC_LOCK in security/
qatlib needs to run as root
SCC based on OCP default restricted-v2 SCC, with root permissions
Used for intel#117

Signed-off-by: vbedida79 <veenadhari.bedida@intel.com>

security/qatlib_scc.yaml

@@ -0,0 +1,42 @@
+# Copyright (c) 2023 Intel Corporation
+# SPDX-License-Identifier: Apache-2.0
+
+apiVersion: security.openshift.io/v1
+allowHostDirVolumePlugin: false
+allowHostIPC: false
+allowHostNetwork: false
+allowHostPID: false
+allowHostPorts: false
+allowPrivilegeEscalation: false
+allowPrivilegedContainer: false
+allowedCapabilities: 
+- IPC_LOCK
+defaultAddCapabilities: null
+fsGroup:
+   type: MustRunAs
+groups: []
+kind: SecurityContextConstraints
+metadata:
+  annotations:
+    kubernetes.io/description: 'SCC to use IPC_LOCK capability for qatlib pod'
+  name: intel-qat-scc
+priority: null
+readOnlyRootFilesystem: false
+requiredDropCapabilities:
+- ALL
+runAsUser:
+  type: RunAsAny
+seLinuxContext:
+  type: MustRunAs
+supplementalGroups:
+  type: RunAsAny
+seccompProfiles:
+- runtime/default
+volumes:
+- configMap
+- downwardAPI
+- emptyDir
+- ephemeral
+- persistentVolumeClaim
+- projected
+- secret