[bitnami/minio] feat: ✨ Add support for PSA restricted policy (#20501)

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>

Author: javsalgar

bitnami/minio/Chart.yaml

@@ -34,4 +34,4 @@ maintainers:
 name: minio
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/minio
-version: 12.8.19
+version: 12.9.0

bitnami/minio/README.md

@@ -393,14 +393,27 @@ provisioning:
     fsGroup: 1001
   ## MinIO® container Security Context
   ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
-  ## @param provisioning.containerSecurityContext.enabled Enable container Security Context
-  ## @param provisioning.containerSecurityContext.runAsUser User ID for the container
-  ## @param provisioning.containerSecurityContext.runAsNonRoot Avoid running as root User
+  ## @param provisioning.containerSecurityContext.enabled Enabled containers' Security Context
+  ## @param provisioning.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
+  ## @param provisioning.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
+  ## @param provisioning.containerSecurityContext.privileged Set container's Security Context privileged
+  ## @param provisioning.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
+  ## @param provisioning.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
+  ## @param provisioning.containerSecurityContext.capabilities.drop List of capabilities to be dropped
+  ## @param provisioning.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
   ##
   containerSecurityContext:
     enabled: true
     runAsUser: 1001
     runAsNonRoot: true
+    privileged: false
+    readOnlyRootFilesystem: false
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop: ["ALL"]
+    seccompProfile:
+      type: "RuntimeDefault"
+
   ## Automatic Cleanup for Finished Jobs
   ## @param provisioning.cleanupAfterFinished.enabled Enables Cleanup for Finished Jobs
   ## @param provisioning.cleanupAfterFinished.seconds Sets the value of ttlSecondsAfterFinished
@@ -429,14 +442,26 @@ podSecurityContext:
   fsGroup: 1001
 ## MinIO® container Security Context
 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
-## @param containerSecurityContext.enabled Enable container Security Context
-## @param containerSecurityContext.runAsUser User ID for the container
-## @param containerSecurityContext.runAsNonRoot Avoid running as root User
+## @param containerSecurityContext.enabled Enabled containers' Security Context
+## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
+## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
+## @param containerSecurityContext.privileged Set container's Security Context privileged
+## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
+## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
+## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
+## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
 ##
 containerSecurityContext:
   enabled: true
   runAsUser: 1001
   runAsNonRoot: true
+  privileged: false
+  readOnlyRootFilesystem: false
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop: ["ALL"]
+  seccompProfile:
+    type: "RuntimeDefault"
 ## @param podLabels Extra labels for MinIO® pods
 ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
 ##