kubernetes-sigs / aws-ebs-csi-driver

CSI driver for Amazon EBS https://aws.amazon.com/ebs/
Apache License 2.0

Set RuntimeDefault as default seccompProfile in securityContext #2061

Closed torredil closed 2 weeks ago

torredil commented 2 weeks ago

Is this a bug fix or adding new feature?

Helm parameter

What is this PR about? / Why do we need it?

Note to reviewers: seccompProfile has now been set to RuntimeDefault, which uses the default seccomp profile provided by the container runtime. This helps to restrict the system calls the containers can make, enhancing security. Do note that this changes the current default (unspecified, thus Unconfined):

```go
// SeccompProfileType defines the supported seccomp profile types
// (type declaration from the same file, included so the block compiles).
type SeccompProfileType string

const (
    // SeccompProfileTypeUnconfined is when no seccomp profile is applied (A.K.A. unconfined).
    SeccompProfileTypeUnconfined SeccompProfileType = "Unconfined"
    // SeccompProfileTypeRuntimeDefault represents the default container runtime seccomp profile.
    SeccompProfileTypeRuntimeDefault SeccompProfileType = "RuntimeDefault"
    // SeccompProfileTypeLocalhost represents custom made profiles stored on the node's disk.
    SeccompProfileTypeLocalhost SeccompProfileType = "Localhost"
)
```

^ https://github.com/kubernetes/kubernetes/blob/6e8e1f53b09328849f655d38eae9bacbbeb3445e/pkg/apis/core/types.go#L3749C1-L3756C2

For more information, see https://kubernetes.io/docs/tutorials/security/seccomp/.

closes https://github.com/kubernetes-sigs/aws-ebs-csi-driver/issues/1882

What testing is done?

- `make verify && make test`
- CI

github-actions[bot] commented 2 weeks ago
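As an added example (not part of this PR or the driver's code), the following Python audit computes the effective seccomp profile of every container in a Pod spec using the rule the PR description relies on: an unset `seccompProfile` means Unconfined, and a container-level setting overrides the pod-level one. The sample pod spec is constructed for illustration.

```python
"""Audit the effective seccomp profile of each container in a Pod spec.

Kubernetes semantics assumed here:
  * securityContext.seccompProfile unset -> Unconfined (no filter applied)
  * container.securityContext.seccompProfile overrides pod.spec.securityContext
"""
from typing import Dict, List, Optional

UNCONFINED = "Unconfined"
CONFINED_TYPES = {"RuntimeDefault", "Localhost"}


def _profile_type(security_context: Optional[dict]) -> Optional[str]:
    """Return the seccompProfile type from a securityContext, or None if unset."""
    if not security_context:
        return None
    profile = security_context.get("seccompProfile") or {}
    return profile.get("type")


def effective_profiles(pod: dict) -> Dict[str, str]:
    """Map container name -> effective seccomp profile type (containers + initContainers)."""
    spec = pod.get("spec", {})
    pod_level = _profile_type(spec.get("securityContext"))
    result: Dict[str, str] = {}
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        ctr_level = _profile_type(c.get("securityContext"))
        result[c["name"]] = ctr_level or pod_level or UNCONFINED
    return result


def unconfined_containers(pod: dict) -> List[str]:
    """Names of containers that would run with no seccomp filter at all."""
    return [n for n, t in effective_profiles(pod).items() if t not in CONFINED_TYPES]


# Constructed sample: pod-level RuntimeDefault (what this PR sets by default),
# one container that explicitly opts out, one init container that inherits.
SAMPLE_POD = {
    "spec": {
        "securityContext": {"seccompProfile": {"type": "RuntimeDefault"}},
        "initContainers": [{"name": "init"}],
        "containers": [
            {"name": "plugin"},
            {"name": "debug", "securityContext": {"seccompProfile": {"type": "Unconfined"}}},
        ],
    }
}

if __name__ == "__main__":
    for name, prof in effective_profiles(SAMPLE_POD).items():
        print(f"{name}: {prof}")
    print("unconfined:", unconfined_containers(SAMPLE_POD))
```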

Code Coverage Diff

This PR does not change the code coverage

ConnorJC3 commented 2 weeks ago

/approve

k8s-ci-robot commented 2 weeks ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ConnorJC3

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

- ~~[OWNERS](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/OWNERS)~~ [ConnorJC3]

Approvers can indicate their approval by writing `/approve` in a comment.
Approvers can cancel approval by writing `/approve cancel` in a comment.