Elasticsearch: Add security context for exporter pod/container

This adds the security context snippet for the elasticsearch
prometheus exporter pod. This changes the pod's user from root to
the nobody user instead

This also adds the container security context to explicitly set
allowPrivilegeEscalation to false

Change-Id: If692fccaf4dd362b28fecb4656036289a3a97122

elasticsearch/templates/monitoring/prometheus/exporter-deployment.yaml

@@ -39,6 +39,7 @@ spec:
       labels:
 {{ tuple $envAll "elasticsearch" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
     spec:
+{{ dict "envAll" $envAll "application" "elasticsearch_exporter" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
       nodeSelector:
         {{ .Values.labels.elasticsearch.node_selector_key }}: {{ .Values.labels.elasticsearch.node_selector_value | quote }}
@@ -49,6 +50,8 @@ spec:
         - name: elasticsearch-exporter
 {{ tuple $envAll "prometheus_elasticsearch_exporter" | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.exporter | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+          securityContext:
+            allowPrivilegeEscalation: false
           command:
             - /tmp/elasticsearch-exporter.sh
             - start

elasticsearch/values.yaml

@@ -98,6 +98,9 @@ dependencies:
           service: elasticsearch
 
 pod:
+  user:
+    elasticsearch_exporter:
+      uid: 99
   affinity:
       anti:
         type: