Add support for container securityContext

[eugene-davis]

This allows setting securityContext within a container.
Although most settings can be done at the pod level, a few cannot, such as allowPrivilegeEscalation and capabilities, both settings which are required if running with pod security set to restricted.

[jacksgt]

Hi @eugene-davis , I believe an issue occured while re-basing this PR. The securityContext section moved into the volumes section:

          volumeMounts:
          {{- if $.Values.geoip.enabled }}
            - name: geoip-db
              mountPath: /geoip
          {{- end }}
            {{- with $.Values.volumeMounts }}
            {{- toYaml . | nindent 12 }}
            {{- end }}
      {{ if eq . "worker" }}
          securityContext:
            {{- toYaml $.Values.worker.containerSecurityContext | nindent 12 }}
            {{- with $.Values.blueprints }}
              {{- range $name := . }}
            - name: blueprints-{{ $name }}
              mountPath: /blueprints/mounted/{{ $name }}
              {{- end }}
            {{- end }}
      {{- end }}

Could you take another look? I'd also really like to see this enhancement :-)

[eugene-davis]

I've fixed this - looks when the deployment template files were split Github got very confused.
I tentatively added support as well to the new GeoIP sidecars - but I've not tested that as I'm not running the sidecars.

[BeryJu]

Well I meant to merge this correctly but accidentally pushed this directly into main..anyways, thanks for the PR!