Operator 1.6 : Remove "AllowPrivilegeEscalation" or decouple "AllowPrivilegeEscalation" from "Privileged" #1403

@neelasha-09

Hi Team,

While using OPR v1.6.1, we get the error "seteuid: Operation not permitted" due to the cron binary being unable to run.

zalando/spilo#562

We compared the old (1.5.0) and new (1.6.1) operator and observed that the error is due to allowPrivilegeEscalation: false under securityContext.

We see that it is required either to remove allowPrivilegeEscalation (as in 1.5.0) or to decouple allowPrivilegeEscalation from Privileged by having 2 different parameters.

Reference links below for the code:

Old OPR: 1.5.0 - Working

Privileged: &privilegedMode,

New OPR: 1.6.1 - cron error

AllowPrivilegeEscalation: &privilegedMode,

In conclusion, at least for OpenShift we need the parameter allowPrivilegeEscalation to be set as true and Privileged to be set as false.
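
The decoupling requested above, sketched as an added example that is not the operator's code or part of the original issue. `SecurityContext` is a local stand-in for the two Kubernetes fields, `Coupled` models one flag driving both fields (an assumption based on the two quoted lines), and `Decoupled` and its parameter names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
)

// SecurityContext is a local stand-in for the two container securityContext
// fields discussed in the issue; it is not the Kubernetes API type.
type SecurityContext struct {
	Privileged               *bool
	AllowPrivilegeEscalation *bool
}

// Coupled models a single flag driving both fields (assumed from the issue):
// turning privileged mode off also forces allowPrivilegeEscalation to false.
func Coupled(privilegedMode bool) SecurityContext {
	return SecurityContext{Privileged: &privilegedMode, AllowPrivilegeEscalation: &privilegedMode}
}

// Decoupled takes two independent (hypothetical) parameters. Kubernetes
// validation rejects privileged=true with allowPrivilegeEscalation=false,
// so that combination is refused here as well.
func Decoupled(privileged, allowEscalation bool) (SecurityContext, error) {
	if privileged && !allowEscalation {
		return SecurityContext{}, errors.New("privileged=true requires allowPrivilegeEscalation=true")
	}
	return SecurityContext{Privileged: &privileged, AllowPrivilegeEscalation: &allowEscalation}, nil
}

// NoNewPrivs reports whether the runtime sets no_new_privs on the container
// process, which happens when allowPrivilegeEscalation is explicitly false.
func NoNewPrivs(sc SecurityContext) bool {
	return sc.AllowPrivilegeEscalation != nil && !*sc.AllowPrivilegeEscalation
}

func main() {
	coupled := Coupled(false)
	fmt.Printf("coupled:   privileged=%v no_new_privs=%v\n", *coupled.Privileged, NoNewPrivs(coupled))
	wanted, _ := Decoupled(false, true) // the combination asked for on OpenShift
	fmt.Printf("decoupled: privileged=%v no_new_privs=%v\n", *wanted.Privileged, NoNewPrivs(wanted))
	_, err := Decoupled(true, false)
	fmt.Println("privileged=true, allowPrivilegeEscalation=false:", err)
}
```

With the flags separated, a pod can stay unprivileged while still allowing setuid binaries to change their effective UID.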
