
Support for a securityContext.seccompProfile configuration #599

Open
nmr opened this issue Feb 27, 2024 · 1 comment
Labels
enhancement New feature or request

Comments


nmr commented Feb 27, 2024

Is your feature request related to a problem? Please describe.
I use the vault-agent in environments/clusters with a lot of security restrictions, for example PSS restricted mode. In one of the environments, it is required to enable the appropriate seccomp profile for containers in the spec.containers[*].securityContext.seccompProfile.type field. If this option is not set, deployments with sidecar and init containers are blocked.

It's currently not possible to set this parameter in the agent's configuration. I can configure only the runAsUser and runAsGroup values.

Describe the solution you'd like
I would like to be able to configure securityContext parameters for the sidecar containers that are added by the mutating webhook. I need new config variables, like AGENT_INJECT_SET_SECURITY_CONTEXT, AGENT_INJECT_RUN_AS_GROUP and AGENT_INJECT_RUN_AS_USER, that allow parameterizing additional fields belonging to the securityContext class, for example:

variable            environment variable               kubernetes field                                                          default
SetSeccompProfile   AGENT_INJECT_SET_SECCOMP_PROFILE   spec.(initContainers|containers)[*].securityContext.seccompProfile.type   RuntimeDefault

I think it would be good practice to also add the following parameters, with the defaults set as below.

variable                  environment variable                     kubernetes field                                                      default
SetDropCaps               AGENT_INJECT_SET_DROP_CAPS               spec.(initContainers|containers)[*].securityContext.capabilities.drop   DROP ALL
SetAddCaps                AGENT_INJECT_SET_ADD_CAPS                spec.(initContainers|containers)[*].securityContext.capabilities.add    NONE
SetPriviligedEscalation   AGENT_INJECT_SET_PRIVILIGED_ESCALATION   spec.containers[*].securityContext.privileged                           FALSE

Describe alternatives you've considered
...
Additional context
...

@nmr nmr added the enhancement New feature or request label Feb 27, 2024
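As an added example (not code from vault-k8s or from the issue author), the Python below checks a Pod spec against the PSS "restricted" rules that block the injected containers described above, and builds the JSON Patch a mutating webhook would return to give those containers the proposed securityContext. The environment variable names follow the author's proposal and are assumed here, not a shipped injector setting; the container names `vault-agent-init` and `vault-agent` and the sample Pod are constructed for the demo.

```python
"""PSS 'restricted' checker and JSON Patch builder for webhook-injected containers.

Added example for this issue, not vault-k8s code. Assumptions: the env var names
(AGENT_INJECT_SET_SECCOMP_PROFILE, AGENT_INJECT_SET_DROP_CAPS, ...) are the issue
author's proposal; the injected container names and the sample Pod are constructed.
"""
import json
import os

ALLOWED_SECCOMP = {"RuntimeDefault", "Localhost"}  # restricted: unset or Unconfined fails
ALLOWED_ADD_CAPS = {"NET_BIND_SERVICE"}            # the only capability restricted allows adding


def security_context_from_env(env=None):
    """securityContext the webhook would attach to injected containers, driven by the
    proposed variables. Defaults mirror the issue's table: RuntimeDefault seccomp,
    drop ALL, add nothing, allowPrivilegeEscalation false."""
    env = os.environ if env is None else env
    drop = [c for c in env.get("AGENT_INJECT_SET_DROP_CAPS", "ALL").split(",") if c]
    add = [c for c in env.get("AGENT_INJECT_SET_ADD_CAPS", "").split(",") if c]
    sc = {
        "allowPrivilegeEscalation": False,
        "privileged": False,
        "runAsNonRoot": True,
        "capabilities": {"drop": drop, **({"add": add} if add else {})},
        "seccompProfile": {"type": env.get("AGENT_INJECT_SET_SECCOMP_PROFILE", "RuntimeDefault")},
    }
    # runAsUser / runAsGroup are the two knobs the issue says the injector already exposes.
    for key, var in (("runAsUser", "AGENT_INJECT_RUN_AS_USER"), ("runAsGroup", "AGENT_INJECT_RUN_AS_GROUP")):
        if var in env:
            sc[key] = int(env[var])
    return sc


def pss_restricted_violations(pod_spec):
    """List the 'restricted' checks each container / initContainer fails (empty = passes).
    Pod-level seccompProfile and runAsNonRoot count when the container leaves them unset."""
    pod_sc = pod_spec.get("securityContext", {})
    out = []
    for field in ("initContainers", "containers"):
        for c in pod_spec.get(field, []):
            sc, where = c.get("securityContext", {}), f"spec.{field}[{c['name']}]"
            seccomp = (sc.get("seccompProfile") or pod_sc.get("seccompProfile") or {}).get("type")
            if seccomp not in ALLOWED_SECCOMP:
                out.append(f"{where}: seccompProfile.type must be RuntimeDefault or Localhost, got {seccomp}")
            if sc.get("allowPrivilegeEscalation") is not False:
                out.append(f"{where}: allowPrivilegeEscalation must be false")
            if sc.get("privileged"):
                out.append(f"{where}: privileged must not be true")
            caps = sc.get("capabilities", {})
            if "ALL" not in caps.get("drop", []):
                out.append(f"{where}: capabilities.drop must include ALL")
            extra = set(caps.get("add", [])) - ALLOWED_ADD_CAPS
            if extra:
                out.append(f"{where}: capabilities.add may only contain NET_BIND_SERVICE, got {sorted(extra)}")
            if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
                out.append(f"{where}: runAsNonRoot must be true at container or pod level")
    return out


def injected_container_patch(pod_spec, injected_names, sc):
    """RFC 6902 ops a mutating webhook returns (patchType JSONPatch) to set the
    securityContext on every container it injected. Containers are addressed by
    index; 'add' on an existing member replaces it, so a partial context is overwritten."""
    return [
        {"op": "add", "path": f"/spec/{field}/{i}/securityContext", "value": sc}
        for field in ("initContainers", "containers")
        for i, c in enumerate(pod_spec.get(field, []))
        if c["name"] in injected_names
    ]


def apply_add_ops(pod, ops):
    """Minimal applier for the 'add' ops above, used only to verify the result."""
    pod = json.loads(json.dumps(pod))  # deep copy; leave the input untouched
    for op in ops:
        parts = op["path"].strip("/").split("/")
        node = pod
        for p in parts[:-1]:
            node = node[int(p)] if isinstance(node, list) else node[p]
        node[parts[-1]] = op["value"]
    return pod


# Constructed sample Pod: the app container already satisfies 'restricted'; the two
# injected containers carry only what the injector can set today (runAsUser/runAsGroup).
COMPLIANT = {"allowPrivilegeEscalation": False, "runAsNonRoot": True,
             "capabilities": {"drop": ["ALL"]}, "seccompProfile": {"type": "RuntimeDefault"}}
SAMPLE_POD = {
    "apiVersion": "v1", "kind": "Pod", "metadata": {"name": "app", "namespace": "restricted-ns"},
    "spec": {
        "initContainers": [{"name": "vault-agent-init", "image": "vault-agent:example",
                            "securityContext": {"runAsUser": 100, "runAsGroup": 1000}}],
        "containers": [
            {"name": "app", "image": "app:example", "securityContext": COMPLIANT},
            {"name": "vault-agent", "image": "vault-agent:example",
             "securityContext": {"runAsUser": 100, "runAsGroup": 1000}},
        ],
    },
}
INJECTED = {"vault-agent-init", "vault-agent"}


def demo(env=None):
    """Violations before the patch, the patch itself, and violations after it."""
    env = {"AGENT_INJECT_RUN_AS_USER": "100", "AGENT_INJECT_RUN_AS_GROUP": "1000"} if env is None else env
    before = pss_restricted_violations(SAMPLE_POD["spec"])
    ops = injected_container_patch(SAMPLE_POD["spec"], INJECTED, security_context_from_env(env))
    after = pss_restricted_violations(apply_add_ops(SAMPLE_POD, ops)["spec"])
    return before, ops, after


if __name__ == "__main__":
    before, ops, after = demo()
    print("\n".join(before) or "no violations before patch")
    print(json.dumps(ops, indent=2))
    print("\n".join(after) or "no violations after patch")
```

Running it lists eight failures for the two injected containers (missing seccomp profile, allowPrivilegeEscalation, drop ALL and runAsNonRoot on each), prints the two patch operations, and reports none afterwards. Passing `AGENT_INJECT_SET_SECCOMP_PROFILE=Unconfined` or an extra capability through `demo()` shows the checker still rejecting the patched Pod, which is the point of validating defaults rather than trusting them.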

Robertsr90 commented Mar 18, 2024

Same problem on my side. This is the very clean way to do that.

We are blocked before production. Can anyone help?
