This repository has been archived by the owner on Oct 30, 2024. It is now read-only.

pkg/k8s: add support for initContainer #376

Merged
merged 1 commit into from
Nov 17, 2021

Conversation

danishprakash
Contributor

@danishprakash danishprakash commented Nov 14, 2021

Description

Adds support for initContainers. Current state is as follows and as described here:

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      annotations:
        container.apparmor.security.beta.kubernetes.io/nginx: runtime/default
        container.apparmor.security.beta.kubernetes.io/bb: runtime/default
    spec:
      initContainers:
      - image: busybox
        name: bb
        command:
          - /bin/echo
          - hello
      containers:
      - image: nginx
        name: nginx
```

```
$ kubeaudit apparmor -f deploy.yaml

---------------- Results for ---------------

  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: nginx

--------------------------------------------

-- [error] AppArmorInvalidAnnotation
   Message: AppArmor annotation key refers to a container that doesn't exist. Remove the annotation 'container.apparmor.security.beta.kubernetes.io/bb: runtime/default'.
   Metadata:
      Container: bb
      Annotation: container.apparmor.security.beta.kubernetes.io/bb: runtime/default
```

Fixes #355

Type of change
  • Bug fix 🐛
  • New feature ✨
  • This change requires a documentation update 📖
  • Breaking changes ⚠️
How Has This Been Tested?

The tests are failing on the current main with the following error:

Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
namespace/pod configured
Error from server (Forbidden): error when creating "../../internal/test/fixtures/all_resources/pod.yml": pods "pod" is forbidden: error looking up service account pod/default: serviceaccount "default" not found

Although I've tested my changes as part of this too by both removing the change (while keeping the fixtures) and vice versa. I'll take some time to look into the above error though.

Checklist:
  • I have 🎩 my changes (A 🎩 specifically includes pulling down changes, setting them up, and manually testing the changed features and potential side effects to make sure nothing is broken)
  • I have performed a self-review of my own code
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • The test coverage did not decrease
  • I have signed the appropriate Contributor License Agreement

@ghost

ghost commented Nov 14, 2021

Thanks for opening this pull request! Please check out our contributing guidelines and sign the CLA.

Contributor

@genevieveluyt genevieveluyt left a comment


Nice! This is a very clean solution. Do you mind adding one more test to make sure kubeaudit produces an error if there is an init container without an apparmor annotation? (i.e. a copy of the test fixture you added but remove line 8)
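The following is an added example, not code from kubeaudit or from this PR, that shows the check under discussion end to end: the PR description's failure (an AppArmor annotation for an init container reported as referring to a container that doesn't exist) and the extra case the reviewer asks for (an init container with no annotation at all). The `Container`/`PodTemplate` structs are constructed stand-ins for the Kubernetes API types so the file runs offline with only the standard library; the rule names `AppArmorAnnotationMissing` and `AppArmorDisabled`, the `includeInit` switch and the `unconfined` check are assumptions of this example (only `AppArmorInvalidAnnotation` appears in the PR text).

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Annotation key prefix of the Kubernetes AppArmor beta annotation
// (container.apparmor.security.beta.kubernetes.io/<container-name>).
const appArmorPrefix = "container.apparmor.security.beta.kubernetes.io/"

// Container and PodTemplate are minimal constructed stand-ins for the
// Kubernetes API types; they carry only what the audit needs.
type Container struct {
	Name  string
	Image string
}

type PodTemplate struct {
	Annotations    map[string]string
	InitContainers []Container
	Containers     []Container
}

// Finding is one audit result. Only AppArmorInvalidAnnotation is taken from
// the PR; the other two rule names used below are assumed for this example.
type Finding struct {
	Rule      string
	Container string
	Message   string
}

// AuditAppArmor validates AppArmor annotations against the pod's containers.
// includeInit=false models the pre-PR behaviour, where only .spec.containers
// were walked, so an annotation for an init container looked stale.
func AuditAppArmor(tpl PodTemplate, includeInit bool) []Finding {
	var findings []Finding

	containers := append([]Container{}, tpl.Containers...)
	if includeInit {
		containers = append(containers, tpl.InitContainers...)
	}

	// Every container the pod runs needs an enforcing profile.
	known := map[string]bool{}
	for _, c := range containers {
		known[c.Name] = true
		key := appArmorPrefix + c.Name
		profile, ok := tpl.Annotations[key]
		switch {
		case !ok:
			findings = append(findings, Finding{Rule: "AppArmorAnnotationMissing", Container: c.Name,
				Message: fmt.Sprintf("AppArmor annotation missing. Add the annotation '%s: runtime/default'.", key)})
		case profile == "unconfined": // assumed check: 'unconfined' turns AppArmor off
			findings = append(findings, Finding{Rule: "AppArmorDisabled", Container: c.Name,
				Message: fmt.Sprintf("AppArmor is disabled for container '%s'. Use runtime/default or a localhost/ profile.", c.Name)})
		}
	}

	// Every AppArmor annotation must name a container that exists. Keys are
	// visited in sorted order so the findings are deterministic.
	keys := make([]string, 0, len(tpl.Annotations))
	for k := range tpl.Annotations {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	for _, k := range keys {
		if !strings.HasPrefix(k, appArmorPrefix) {
			continue
		}
		if name := strings.TrimPrefix(k, appArmorPrefix); !known[name] {
			findings = append(findings, Finding{Rule: "AppArmorInvalidAnnotation", Container: name,
				Message: fmt.Sprintf("AppArmor annotation key refers to a container that doesn't exist. Remove the annotation '%s: %s'.", k, tpl.Annotations[k])})
		}
	}
	return findings
}

// ExampleDeployment rebuilds the nginx Deployment template from the PR
// description (constructed input): init container "bb" plus container "nginx".
// annotateInit=false drops bb's annotation, the extra case the reviewer asked for.
func ExampleDeployment(annotateInit bool) PodTemplate {
	ann := map[string]string{appArmorPrefix + "nginx": "runtime/default"}
	if annotateInit {
		ann[appArmorPrefix+"bb"] = "runtime/default"
	}
	return PodTemplate{
		Annotations:    ann,
		InitContainers: []Container{{Name: "bb", Image: "busybox"}},
		Containers:     []Container{{Name: "nginx", Image: "nginx"}},
	}
}

func main() {
	for _, tc := range []struct {
		label       string
		tpl         PodTemplate
		includeInit bool
	}{
		{"pre-PR audit, init container annotated", ExampleDeployment(true), false},
		{"post-PR audit, init container annotated", ExampleDeployment(true), true},
		{"post-PR audit, init annotation removed", ExampleDeployment(false), true},
	} {
		fmt.Printf("== %s ==\n", tc.label)
		for _, f := range AuditAppArmor(tc.tpl, tc.includeInit) {
			fmt.Printf("-- [error] %s\n   Container: %s\n   Message: %s\n", f.Rule, f.Container, f.Message)
		}
	}
}
```

Running it prints the pre-PR `AppArmorInvalidAnnotation` for `bb`, nothing for the fixed audit on the same manifest, and `AppArmorAnnotationMissing` for `bb` once its annotation is removed. The design point is that the set of "known" container names must be built from both `containers` and `initContainers` before the annotation keys are checked against it; any container list the audit skips becomes a place where an annotation is either wrongly rejected or, worse, a missing profile goes unreported.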

* add tests and fixtures
Contributor

@genevieveluyt genevieveluyt left a comment


Perfect thanks!

@genevieveluyt genevieveluyt enabled auto-merge (squash) November 17, 2021 19:47
@genevieveluyt genevieveluyt merged commit abd7f12 into Shopify:main Nov 17, 2021
@ghost

ghost commented Nov 17, 2021

Congrats on merging your first pull request, keep em coming!

Development

Successfully merging this pull request may close these issues.

kubeaudit doesn't support initContainers