Enable the helm chart users to customize the Security Context config.

[zamsong123]

<

What would you like to be added: Enable the helm chart users to customize the Security Context config.

Why is this needed: For some of the enterprise users of the helm chart, there could be some security context check in the K8s clusters. e.g. runAsNonRoot must be set to "true" So it will be nice if we could enable the helm chart uses to config.

[zamsong123]

After analysis of the helm chart I notice there are 4 changes needed for this change:

1. daemonset under splunk-kubernetes-logging
2. daemonset under splunk-kubernetes-metrics
3. deploymentMetricsAggregator under splunk-kubernetes-metrics
4. deployment under splunk-kubernetes-objects

I will create a PR to make the change

[zamsong123]

Did some testing and below is the output: splunk-connect-for-kubernetes % helm template . | grep securityContext -A10 securityContext: allowPrivilegeEscalation: false capabilities: drop:

• ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seccompProfile: type: RuntimeDefault2222222

  securityContext:
    allowPrivilegeEscalation: false
    capabilities:
      drop:

• ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seccompProfile: type: RuntimeDefault44444

  securityContext:
    allowPrivilegeEscalation: false
    capabilities:
      drop:

• ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seccompProfile: type: RuntimeDefault333333

  securityContext:
    allowPrivilegeEscalation: false
    capabilities:
      drop:

• ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seccompProfile: type: RuntimeDefault1111111