feat(helm): allow specifying security context

[bartsmykla]

Summary

Currently, there is no place to specify/customize
the securityContext for following components:
kuma-cp/ Jobs (crd/webhook/ns)/ Ingress / Egress / CNI
This PR provides the option to specify securityContext
for all of the above components.

cc. @gdasson @johnharris85

Full changelog

• Added option to specify securityContext for :
  kuma-cp/ Jobs (crd/webhook/ns)/ Ingress / Egress / CNI
• Fix(partially) #Allow customization of (& provide sensible defaults for) securityContext across each component #3989
• Refer feat(helm): allow specifying security context #4111

Issues resolved

• Fix(partially) #Allow customization of (& provide sensible defaults for) securityContext across each component #3989

Testing

• Unit tests
• E2E tests
• Manual testing on Universal
• Manual testing on Kubernetes

Backwards compatibility

Does not affect backward compatibility

[codecov-commenter]

Codecov Report

Merging #4153 (9441a9a) into master (aafdd83) will increase coverage by 0.01%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #4153      +/-   ##
==========================================
+ Coverage   55.70%   55.72%   +0.01%     
==========================================
  Files         932      932              
  Lines       56290    56290              
==========================================
+ Hits        31355    31366      +11     
+ Misses      22458    22440      -18     
- Partials     2477     2484       +7     

Impacted Files	Coverage Δ
pkg/plugins/leader/postgres/leader_elector.go	93.61% <0.00%> (-6.39%)	⬇️
pkg/core/tokens/default_signing_key.go	66.66% <0.00%> (-5.56%)	⬇️
pkg/kds/reconcile/reconciler.go	79.48% <0.00%> (-5.13%)	⬇️
pkg/defaults/components.go	85.18% <0.00%> (-3.71%)	⬇️
pkg/mads/server/server.go	82.40% <0.00%> (-2.78%)	⬇️
pkg/insights/resyncer.go	74.07% <0.00%> (+2.46%)	⬆️
...s/authn/api-server/tokens/admin_token_bootstrap.go	82.00% <0.00%> (+4.00%)	⬆️
pkg/core/resources/manager/cache.go	88.31% <0.00%> (+5.19%)	⬆️
pkg/events/eventbus.go	92.59% <0.00%> (+7.40%)	⬆️
pkg/core/resources/store/customizable_store.go	77.77% <0.00%> (+22.22%)	⬆️
... and 1 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update aafdd83...9441a9a. Read the comment docs.

[lahabana]

If you retested with the new default LGTM!

[zd9KgA]

@bartsmykla Good extension! Does your PR also offer the ability to specify a securityContext for the kuma-init. If so, how?

[johnharris85]

It doesn't @zd9KgA, but #4241 will allow this.

[zd9KgA]

@johnharris85 I was not aware of this one. I'm eagerly awaiting #4241 then (well, I do have a work-around, about at the cost of granting elevated rights to the entire pod).

[erikbergsten]

I think this PR is missing the container security context for the kuma cni daemonset (which was included in the closed PR #4111). This PR only included the ability to specify pod security contexts. Should I open a new issue for this?

[lahabana]

Yes please do!