Set the defaults to compatible with pss-restricted

https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted

Signed-off-by: Pat Riehecky <[email protected]>

Author: jcpunk

charts/kafka-ui/Chart.yaml

@@ -2,6 +2,6 @@ apiVersion: v2
 name: kafka-ui
 description: A Helm chart for kafka-UI
 type: application
-version: 0.7.2
+version: 0.8.0
 appVersion: v0.7.1
 icon: https://github.com/provectus/kafka-ui/raw/master/documentation/images/kafka-ui-logo.png

charts/kafka-ui/values.yaml

@@ -79,17 +79,18 @@ probes:
   useHttpsScheme: false
 
 podSecurityContext:
-  {}
-  # fsGroup: 2000
+  fsGroup: 101
 
 securityContext:
-  {}
-  # capabilities:
-  #   drop:
-  #   - ALL
-  # readOnlyRootFilesystem: true
-  # runAsNonRoot: true
-  # runAsUser: 1000
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+    - ALL
+  runAsGroup: 101
+  runAsNonRoot: true
+  runAsUser: 100
+  seccompProfile:
+    type: RuntimeDefault
 
 service:
   type: ClusterIP