Implement Security Context for Glance

Implement container security context for the following Glance resources:
 - Glance server deployment

Change-Id: I32b63226f5f2bcfff09f0b6760f5475ef7d1b5b5

glance/templates/deployment-api.yaml

@@ -92,8 +92,7 @@ spec:
         - name: glance-api
 {{ tuple $envAll "glance_api" | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          securityContext:
-            allowPrivilegeEscalation: false
+{{ dict "envAll" $envAll "application" "glance" "container" "glance_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
           command:
             - /tmp/glance-api.sh
             - start

glance/templates/deployment-registry.yaml

@@ -59,8 +59,7 @@ spec:
         - name: glance-registry
 {{ tuple $envAll "glance_registry" | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.registry | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-          securityContext:
-            allowPrivilegeEscalation: false
+{{ dict "envAll" $envAll "application" "glance" "container" "glance_registry" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
           command:
             - /tmp/glance-registry.sh
             - start

glance/values.yaml

@@ -786,9 +786,17 @@ endpoints:
     namespace: kube-public
 
 pod:
-  user:
+  security_context:
     glance:
-      uid: 42424
+      pod:
+        runAsUser: 42424
+      container:
+        glance_api:
+          readOnlyRootFilesystem: true
+          allowPrivilegeEscalation: false
+        glance_registry:
+          readOnlyRootFilesystem: true
+          allowPrivilegeEscalation: false
   affinity:
     anti:
       type: