Commit a2af438

mvanhorn authored and tekton-robot committed
docs(install): fix broken OpenShift namespaces link
The previous link (docs.openshift.com/container-platform/latest/welcome/index.html#about-namespaces) redirected to a generic Welcome page where the #about-namespaces anchor no longer resolves to the relevant section. Replace with the canonical docs.redhat.com page for 'Working with projects', which contains the exact 'Do not run workloads in or share access to default projects' guidance that matches the link text and explains the 'highly privileged' classification of the default project.

Signed-off-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
1 parent 273cd27 commit a2af438

1 file changed

Lines changed: 1 addition & 1 deletion

docs/install.md

@@ -37,6 +37,6 @@ To configure images from a custom registry, follow the [Air Gap Configuration](.
3737
3838
On OpenShift, the `default` namespace is classified as a "highly privileged" system namespace. Pod Security Admission (PSA) label synchronization is permanently disabled there by the platform, so even though the operator correctly creates the `pipeline` ServiceAccount and RBAC bindings in `default`, PipelineRuns submitted to that namespace fail with `permissionDenied` errors: PSA enforces the `restricted` profile and the SCC-to-PSA label sync never runs.
3939
40-
User-created namespaces are not affected because the Cluster Policy Controller automatically syncs SCC privileges into PSA labels. The OpenShift documentation has the same guidance ([Do not run workloads in or share access to default projects](https://docs.openshift.com/container-platform/latest/welcome/index.html#about-namespaces)).
40+
User-created namespaces are not affected because the Cluster Policy Controller automatically syncs SCC privileges into PSA labels. The OpenShift documentation has the same guidance ([Do not run workloads in or share access to default projects](https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/building_applications/projects)).
4141
4242
Run pipelines in a dedicated namespace instead of `default` on OpenShift. See [tektoncd/operator#3427](https://github.com/tektoncd/operator/issues/3427) for the original report.
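
Review bot: the replacement URL on the added line 40 pins the reference to OpenShift 4.18 (`.../openshift_container_platform/4.18/html/building_applications/projects`), while the removed URL tracked `latest`, so this link will drift behind the platform and may eventually break the same way the old one did. If docs.redhat.com exposes an unversioned path for this page, prefer it; otherwise say in the sentence that the guidance is quoted from the 4.18 documentation so the pin is visible to whoever updates it next. The new URL also carries no fragment, although the link text names one specific section ("Do not run workloads in or share access to default projects"); if that section has a stable anchor, append it so readers land on the guidance about the highly privileged `default` project rather than at the top of the page.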
