This repository was archived by the owner on May 1, 2020. It is now read-only.

Support arbitrary Security Contexts for GID, UID, and fsGroup for Kubernetes #936

@jayunit100

what do you want
Be able to support arbitrary Security Contexts for GID, UID, and fsGroup for Kubernetes.

BlackDuck Ticket: https://jira.dc1.lan/browse/HUB-20580

why is this needed
PodSecurityPolicies can prevent Pods from running if the Security Contexts are not set.
Similarly, SecurityContextConstraints in OpenShift can prevent Pods from running.

TODO

  • Add a flag to Synopsysctl to set SecurityContext constraints
  • Modify synopsysctl to create a service account for all resources if on Kubernetes/OpenShift (this will make it easy for customers to add the Product to a SecurityContextConstraint)
  • Verify the BlackDuck images can run without being root (aka GID, UID, and fsGroup are not 0)
  • Verify Pods can run with a PodSecurityPolicy enabled
  • Verify Pods can run with a SecurityContextConstraint enabled
  • Test in on-prem Kubernetes
  • Test in GKE

example implementation
https://github.com/blackducksoftware/polaris-contrib/tree/master/blackduck-synopsysctl-example-GID1000
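Added example, not part of the original issue or of the project's code: one way to check the "GID, UID, and fsGroup are not 0" item from the TODO list against a Pod spec, resolving container-level `securityContext` overrides over the pod-level values. The function names, container names and sample Pod are constructed for illustration; the input is assumed to be a Pod object already parsed into a dict (for example from `kubectl get pod -o json`).

```python
ROOT = 0

def effective_ids(pod):
    """Return {container_name: (uid, gid)} after applying container-level overrides."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    result = {}
    for c in (spec.get("initContainers") or []) + (spec.get("containers") or []):
        c_sc = c.get("securityContext") or {}
        # A container-level value wins over the pod-level one, even when it is 0.
        uid = c_sc.get("runAsUser", pod_sc.get("runAsUser"))
        gid = c_sc.get("runAsGroup", pod_sc.get("runAsGroup"))
        result[c["name"]] = (uid, gid)
    return result

def audit(pod):
    """Return a list of findings; empty means every ID is explicitly set and non-zero."""
    findings = []
    # fsGroup exists only at pod level.
    fs_group = (pod.get("spec", {}).get("securityContext") or {}).get("fsGroup")
    if fs_group is None:
        findings.append("pod: fsGroup not set")
    elif fs_group == ROOT:
        findings.append("pod: fsGroup is 0")
    for name, (uid, gid) in effective_ids(pod).items():
        for label, value in (("runAsUser", uid), ("runAsGroup", gid)):
            if value is None:
                findings.append(f"{name}: {label} not set")
            elif value == ROOT:
                findings.append(f"{name}: {label} is 0")
    return findings

# Constructed sample: pod-level IDs are 1000, but an init container overrides the UID to 0.
SAMPLE_POD = {
    "spec": {
        "securityContext": {"runAsUser": 1000, "runAsGroup": 1000, "fsGroup": 1000},
        "initContainers": [{"name": "init", "securityContext": {"runAsUser": 0}}],
        "containers": [
            {"name": "webapp"},
            {"name": "logstash", "securityContext": {"runAsGroup": 2000}},
        ],
    }
}

if __name__ == "__main__":
    for finding in audit(SAMPLE_POD) or ["ok: all IDs set and non-zero"]:
        print(finding)
```

The init container is the case worth noticing: a pod-level `runAsUser: 1000` looks compliant, yet a single container override still runs as root and would be rejected by a policy that requires non-root.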
