Description
Proposed changes
Add support for container-level security contexts in the Deepgram Self-Hosted Helm chart. Currently, the chart only supports pod-level security contexts, but Kubernetes allows for more granular security control at the container level. This enhancement adds containerSecurityContext configuration options for all Deepgram components (API, Engine, and License Proxy).
Context
Container-level security contexts provide more fine-grained security control than pod-level contexts. They are essential for:
- Security compliance: Meeting organizational security policies that require specific container restrictions
- Principle of least privilege: Setting different security contexts for different containers within the same pod
- Multi-container scenarios: Applying different security settings to init containers vs main containers
- Advanced security features: Configuring container-specific capabilities, seccomp profiles, and privilege escalation settings
This is particularly important for enterprise deployments where security teams require strict container isolation and minimal privilege configurations.
Possible Implementation
- New configuration fields in values.yaml:
  - api.containerSecurityContext
  - engine.containerSecurityContext
  - licenseProxy.containerSecurityContext
- Template updates to render container-level security contexts when configured
Other information
- Backward compatible: Existing securityContext configurations continue to work unchanged
- Follows Kubernetes best practices: Separates pod and container security contexts as recommended
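
A sketch of what the proposal above could look like in practice, added here as an illustration; it is not taken from the issue or from the Deepgram chart. Only the three `containerSecurityContext` key names come from the proposal. The field values, the template fragment and its indentation are assumptions, and whether the Deepgram images start under these restrictions is not stated on this page.

```yaml
# values.yaml (constructed example values; keys under each
# containerSecurityContext are standard Kubernetes SecurityContext fields)
api:
  containerSecurityContext:
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    readOnlyRootFilesystem: true
    capabilities:
      drop: ["ALL"]
    seccompProfile:
      type: RuntimeDefault

engine:
  containerSecurityContext:
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    capabilities:
      drop: ["ALL"]
    seccompProfile:
      type: RuntimeDefault

licenseProxy:
  containerSecurityContext:
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    readOnlyRootFilesystem: true
    capabilities:
      drop: ["ALL"]
    seccompProfile:
      type: RuntimeDefault

---
# Deployment template fragment for the API container (hypothetical;
# the container name, image value path and nindent width are assumptions).
# The block is rendered only when the value is set, so an unset
# containerSecurityContext leaves the rendered manifest unchanged.
containers:
  - name: api
    image: {{ .Values.api.image | quote }}  # hypothetical value path
    {{- with .Values.api.containerSecurityContext }}
    securityContext:
      {{- toYaml . | nindent 6 }}
    {{- end }}
```

Fields such as `allowPrivilegeEscalation`, `capabilities` and `readOnlyRootFilesystem` exist only on the container-level `securityContext`, which is why a pod-level setting alone cannot express them.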