Upgrade security context of controller container to be compatible with "Restricted" official pod security standard

[gabor-one]

Currently, only the "runAsUser" option is set in the controller's container securityContext.

securityContext:
            runAsUser: 101

Official Azure policies expect "allowPrivilegeEscalation" to be declared false. Kubernetes clusters should not allow container privilege escalation Azure policy Gatekeeper template: k8sazurev3noprivilegeescalation

I propose to upgrade the securityContext to match the official "restricted" pod security standard. Official pod security standards documentation.

Proposed securityContext:

spec:
  template:
    spec:
      containers:
        - name: controller
           securityContext:
             runAsUser: 101
             allowPrivilegeEscalation: false
             seccompProfile:
               type: RuntimeDefault
             capabilities:
               drop:
                 - ALL

[OliverMKing]

Working on #192 to address this.