fix pss warnings

Signed-off-by: Harshvir Potpose <hpotpose62@gmail.com>

Author: akagami-harsh

manifests/v1beta1/components/controller/controller.yaml

@@ -58,6 +58,15 @@ spec:
               name: katib-config
               subPath: katib-config.yaml
               readOnly: true
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            runAsUser: 1000
+            seccompProfile:
+              type: RuntimeDefault
+            capabilities:
+              drop:
+              - ALL
       volumes:
         - name: cert
           secret:

manifests/v1beta1/components/db-manager/db-manager.yaml

@@ -40,3 +40,12 @@ spec:
             initialDelaySeconds: 10
             periodSeconds: 60
             failureThreshold: 5
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            runAsUser: 1000
+            seccompProfile:
+              type: RuntimeDefault
+            capabilities:
+              drop:
+              - ALL

manifests/v1beta1/components/mysql/mysql.yaml

@@ -68,6 +68,15 @@ spec:
           volumeMounts:
             - name: katib-mysql
               mountPath: /var/lib/mysql
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            runAsUser: 1000
+            seccompProfile:
+              type: RuntimeDefault
+            capabilities:
+              drop:
+              - ALL
       volumes:
         - name: katib-mysql
           persistentVolumeClaim:

manifests/v1beta1/components/ui/ui.yaml

@@ -33,4 +33,13 @@ spec:
           ports:
             - name: ui
               containerPort: 8080
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            runAsUser: 1000
+            seccompProfile:
+              type: RuntimeDefault
+            capabilities:
+              drop:
+              - ALL
       serviceAccountName: katib-ui