Allow configurable securityContext for all involved components #641

Open
wants to merge 1 commit into
base: main

grieshaber

Description

This PR allows users of the Chart to declare custom security contexts for pods and containers. As a default, the hardcoded values from before are still delivered in the values.

By doing that, one could for example add a seccomp profile easily and the chart can be deployed to more restricted environments again.

In favor of a more readable and comprehensive solution, I dropped the global.openShiftRestricted flag. For non-OpenShift users, behavior is as before. OpenShift users now need to overwrite the UID and GID directly in the values files. The corresponding install command for OpenShift clusters is adapted to the new flags.

Additionally, I changed the UID used for the kubeclarity image, again for the sake of simplicity of the chart. As there is no USER directive in the Dockerfile or any other UID-bound commands (like mkdir / chmod / ...), it should be just fine. I started it in a local kind cluster and could not find any issue.

Resolves #626 and #599

Type of Change

[ ] Bug Fix
[X] New Feature
[ ] Breaking Change
[X] Refactor
[ ] Documentation
[ ] Other (please describe)

Checklist

  • I have read the contributing guidelines
  • Existing issues have been referenced (where applicable)
  • I have verified this change is not present in other open pull requests
  • Functionality is documented
  • All code style checks pass
  • New code contribution is covered by automated tests
  • All new and existing tests pass

@grieshaber grieshaber requested a review from a team as a code owner May 15, 2024 12:18