feat: Automatic configuration of file system ACL. #48

Closed

@ryanfaircloth ryanfaircloth commented Aug 24, 2021

This feature ensures the otel container will have read access to /var/log while running in nonroot mode by default. It also ensures the container will have rw access to its checkpoint directory.
Fixes #47

What's new:

  • Use FS ACL rather than chown to append the new user/group to file system permissions; this is safer, as a patch/update on the node is less likely to undo it.
  • Apply the guidance originally provided in README.md as an init container so it's always applied in the case of node scale out.
  • Change the UID/GID to one that is not the most common example on the internet.

Alternatives considered:

  • Do nothing: Keep the changes required for the node as customer responsibility. Customer feedback was consistent that this wasn't a desirable outcome.
  • Kind: Job: Can't ensure it runs once per node.
  • Run container as root by default. While this would work, it's not needed and could have consequences.

This feature ensures the otel container will have read access to `/var/log` while running in nonroot mode by default. It also ensures the container will have rw access to its checkpoint directory
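The ACL-based approach described in this pull request, as an added example that is not the code from the PR or the chart: a script an init container could run to grant a non-root user read access to `/var/log` and read/write access to a checkpoint directory with `setfacl` instead of `chown`. The UID/GID values, `CHECKPOINT_DIR`, the `APPLY_ACLS` switch and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the PR): plan and apply POSIX ACLs for a
# non-root collector user instead of changing ownership with chown.
# All values below are assumed placeholders; override them via environment.
COLLECTOR_UID="${COLLECTOR_UID:-20000}"
COLLECTOR_GID="${COLLECTOR_GID:-20000}"
LOG_DIR="${LOG_DIR:-/var/log}"
CHECKPOINT_DIR="${CHECKPOINT_DIR:-/path/to/checkpoint}"

# acl_spec PERMS -> ACL entries naming the collector user and group.
acl_spec() {
  printf 'u:%s:%s,g:%s:%s' "$COLLECTOR_UID" "$1" "$COLLECTOR_GID" "$1"
}

# plan_acl DIR PERMS -> the two setfacl commands for DIR:
#   1. access ACL on everything that already exists under DIR
#   2. default ACL so files and directories created later inherit the entry
# Existing owner, group and mode bits are left untouched; the entries
# are appended to them.
plan_acl() {
  spec=$(acl_spec "$2")
  printf 'setfacl -R -m %s %s\n' "$spec" "$1"
  printf 'setfacl -R -d -m %s %s\n' "$spec" "$1"
}

# Capital X grants execute (traverse) on directories only, so log files
# do not become executable.
plan_all() {
  plan_acl "$LOG_DIR" rX          # read-only on the logs
  plan_acl "$CHECKPOINT_DIR" rwX  # read/write on the checkpoint directory
}

# apply_all runs the planned commands and stops at the first failure.
# Assumes the directory paths contain no whitespace.
apply_all() {
  plan_all | sh -e
}

# Default is a dry run that only prints the plan; APPLY_ACLS=1 executes it
# (requires setfacl and sufficient privileges on the node's file system).
if [ "${APPLY_ACLS:-0}" = 1 ]; then
  apply_all
else
  plan_all
fi
```

Running `getfacl` on the directories afterwards shows the added entries next to the unchanged owner and mode.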
@rockb1017
Contributor

@rfaircloth-splunk Hmm. I tried several variations of this PR, but this isn't working. I get a permission denied error no matter what I do.
I will keep looking into how to make it work.
Please share if you have any more info on it.

@gglymidakis

@rockb1017 has there been any update on this? I am currently working with a customer who is looking to utilise the solution after GA but have raised security concerns and also spotted this issue and are looking for updates.

@rockb1017
Contributor

Hello, yes. I have made updates and pushed a commit to https://github.com/signalfx/splunk-otel-collector-chart
This repo will go away and GA will be at the above repo.

@rockb1017 rockb1017 closed this Nov 10, 2021
@gglymidakis

@rockb1017 Thanks for the update. Can you please point me to the exact commits in the above repo so that I can share with the customer?

@rockb1017
Contributor

Oh, I just realized it hasn't been merged.
signalfx/splunk-otel-collector-chart#263

Successfully merging this pull request may close these issues.

Incorrect Security configuration described in readme