Support container level security context

[zamsong123]

Is your feature request related to a problem? Please describe.
Currently our EKS environment have some pre check on the container level security context, deployment will be blocked if not set

Describe the solution you'd like
Add a field to specify container level security context

[zamsong123]

will make changes and create PR to this issue

[brusdev]

@zamsong123 the containers should inherit the pod level security context, are you setting the field spec.deploymentPlan.podSecurityContext in your ActiveMQArtemis CR?

[zamsong123]

@brusdev thanks for your comments, in our case, our EKS supporting team is doing some restriction on this, e.g. if there's no container level "runAsRootUser": true is set, the deployment will be blocked, frankly speaking I am not sure how the inherit works, but I guess they are different configuration for different purpose

[zamsong123]

@brusdev yes I tried the spec.deploymentPlan.podSecurityContext, it's not working for our EKS requirement

[zamsong123]

@brusdev btw, in Confluent Operator, they are also separate config for different purpose

[brusdev]

@zamsong123 thanks for the clarification, your enhancement makes sense to me

[Eric84626]

I will make code change for this issue.

[brusdev]

@Eric84626 cool, contributions are always welcome!

[brusdev]

The customisation of managed resources from #758 is sufficient to customize container security contexts however to simplify the deployment in restricted Kubernetes namespace I created #799 to restrict security context of pods by default.

[brusdev]

The new field spec.deploymentPlan.containerSecurityContext to customize the container security contexts will be included in 1.1.0