
[BUG] error from server(forbidden): admission webhook "validation.gatekeeper.sh" denied the request: [denied by pod-allowed-capabilities] [azurepolicy-k8azurev2nonprivilege-19124c6401684452c142] privilege container not allowed: copy-azurekeyvault-env #817

@cramakan

Description


Note: Make sure to check out known issues (https://akv2k8s.io/troubleshooting/known-issues/) before submitting

Components and versions
Select which component(s) the bug relates to with [X].

[ ] Controller, version: 1.7.3 (docker image tag)
[ ] Env-Injector (webhook), version: 1.7.3 (docker image tag)
[ ] Other

Describe the bug
A clear and concise description of what the bug is.
Getting the following error: denied, privileged container not allowed

error from server(forbidden): admission webhook "validation.gatekeeper.sh" denied the request: [denied by pod-allowed-capabilities] [azurepolicy-k8azurev2nonprivilege-19124c6401684452c142] privilege container not allowed: copy-azurekeyvault-env, securityContext { "capabilities" : {"drop" } : [ "ALL" ]}, "privilege" : "true", "readOnlyRootFileSystem" : "true" , "runasNonRoot" : "false" }

It seems the code below is what is blocked by the above policy; is there any way to override it in file cmd/azure-keyvault-secrets-webhook/pod.go?

```go
// Excerpt from cmd/azure-keyvault-secrets-webhook/pod.go: securityContext of the
// injected copy-azurekeyvault-env init container, driven by webhook config flags.
SecurityContext: &corev1.SecurityContext{
	Capabilities: &corev1.Capabilities{
		Drop: []corev1.Capability{"ALL"},
	},
	ReadOnlyRootFilesystem: &[]bool{viper.GetBool("webhook_container_security_context_read_only")}[0],
	RunAsNonRoot:           &[]bool{viper.GetBool("webhook_container_security_context_non_root")}[0],
	Privileged:             &[]bool{viper.GetBool("webhook_container_security_context_privileged")}[0],
},
```
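To see the denial coming before the pod ever reaches the admission webhook, here is an added Python pre-flight check (not part of akv2k8s and not from the issue author) that walks a pod manifest's containers and initContainers and reports any that set `privileged: true`, the condition the quoted non-privilege constraint denies. The manifest is constructed; it assumes the injected init container's securityContext mirrors the Go snippet above with `webhook_container_security_context_privileged` set to true.

```python
"""Pre-admission check for the 'no privileged containers' rule enforced by
the Gatekeeper/Azure Policy constraint quoted in the issue.  Added example;
the pod manifest below is constructed, not captured from a cluster."""
import copy

# Constructed manifest: the app container plus the init container that the
# akv2k8s env-injector webhook adds.  Its securityContext mirrors the Go
# snippet with webhook_container_security_context_privileged=true (assumption).
POD = {
    "metadata": {"name": "demo"},
    "spec": {
        "containers": [{"name": "app", "image": "example/app:1.0"}],
        "initContainers": [{
            "name": "copy-azurekeyvault-env",
            "image": "example/azure-keyvault-env:1.7.3",
            "securityContext": {
                "capabilities": {"drop": ["ALL"]},
                "privileged": True,
                "readOnlyRootFilesystem": True,
                "runAsNonRoot": False,
            },
        }],
    },
}


def all_containers(pod):
    """Yield (kind, container) for every container an admission policy sees."""
    spec = pod.get("spec", {})
    for kind in ("initContainers", "containers", "ephemeralContainers"):
        for c in spec.get(kind, []):
            yield kind, c


def privileged_violations(pod):
    """Return 'kind/name' for each container that would trip the constraint.
    A missing securityContext or privileged field means false, as in Kubernetes."""
    return [
        f"{kind}/{c['name']}"
        for kind, c in all_containers(pod)
        if (c.get("securityContext") or {}).get("privileged", False)
    ]


def with_privileged(pod, value):
    """Deep copy of pod with every container's privileged flag set to value,
    i.e. what flipping the webhook's *_privileged setting would produce."""
    out = copy.deepcopy(pod)
    for _, c in all_containers(out):
        c.setdefault("securityContext", {})["privileged"] = value
    return out


if __name__ == "__main__":
    print(privileged_violations(POD))                          # ['initContainers/copy-azurekeyvault-env']
    print(privileged_violations(with_privileged(POD, False)))  # []
```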

Labels: bug