Add full support for setting securityContext for restic restore

[MatthieuFin]

Summary of changes

Add a key secCtx in configuration configMap "velero.io/restic: RestoreItemAction" to be able to fully customize securityContext set on restic-wait init container set on restore job.

This key is an extension of existing keys secCtxRunAsUser, secCtxRunAsGroup, secCtxAllowPrivilegeEscalation. I keep these old keys support to assure a backward compatibility. But usage of the key secCtx could override old keys (unit tests should be clear).

Issue

Complete implementation for half implemented issue #2290

Please indicate you've done the following:

• Accepted the DCO. Commits without the DCO will delay acceptance.
• Created a changelog file or added /kind changelog-not-required.
• Updated the corresponding documentation in site/content/docs/main.

[reasonerjt]

@MatthieuFin Thanks for this PR and it looks good to me, could you rebase your PR and we can try to get this reviewed and merged before v1.8 release.

[reasonerjt]

moving this out of v1.8 milestone as we are very close to the FC.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[eleanor-millman]

@MatthieuFin Do you still want to get this merged? If you could do what @reasonerjt suggested we can get it into 1.9. THanks!

[MatthieuFin]

Oh yes, sorry i had broke my notifications settings, il will rebase it asap.

[eleanor-millman]

Thanks! I just mentioned it in the slack channel so hopefully we'll get a maintainers's eyes on it soon. https://kubernetes.slack.com/archives/C021GPR1L3S/p1645634071501639

[jenting]

LGTM, just a question.

[blackpiglet]

Reference #2437 here.
That issue was fixed by this PR too.