Split "Container Security Context" #325

Closed
@zegl

As shown in #204, there's a need to be able to disable the UID and GID checks of the "Container Security Context" check without disabling the other checks that are made. I'm therefore proposing to split this check into three separate ones:

  • Container Security Context User/Group ID
  • Container Security Context Privileged
  • Container Security Context ReadOnlyRootFilesystem

Keeping all 3+1 versions around would not be desirable, and I'm proposing to use a three-step rollout plan:

  • v1.n: Add the three new checks, using opt-in, and deprecate the existing "Container Security Context" check.
  • v1.n+1: Enable the three new checks by default, mark "Container Security Context" as optional/opt-in.
  • v1.n+2: Remove "Container Security Context".
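
A sketch of the split proposed in this issue, added here as an illustration and not taken from the project's code: each of the three securityContext checks gets its own ID, so the UID/GID check can be ignored while the other two still report. The type names, check IDs and failure conditions are assumptions made for the example.

```go
package main

import "fmt"

// SecurityContext holds the three container securityContext fields named in
// the issue. Pointers distinguish "unset" from an explicit value.
type SecurityContext struct {
	RunAsUser, RunAsGroup  *int64
	Privileged             *bool
	ReadOnlyRootFilesystem *bool
}

// Check is one independently selectable check (hypothetical type).
type Check struct {
	ID   string
	Fail func(sc SecurityContext) bool
}

// Check IDs and failure conditions are assumptions for illustration only.
var splitChecks = []Check{
	{"container-security-context-user-group-id", func(sc SecurityContext) bool {
		return sc.RunAsUser == nil || *sc.RunAsUser == 0 || sc.RunAsGroup == nil || *sc.RunAsGroup == 0
	}},
	{"container-security-context-privileged", func(sc SecurityContext) bool {
		return sc.Privileged != nil && *sc.Privileged
	}},
	{"container-security-context-readonlyrootfilesystem", func(sc SecurityContext) bool {
		return sc.ReadOnlyRootFilesystem == nil || !*sc.ReadOnlyRootFilesystem
	}},
}

// Run returns the IDs of the failing checks, skipping every ID in ignored.
func Run(sc SecurityContext, ignored map[string]bool) []string {
	failed := []string{}
	for _, c := range splitChecks {
		if !ignored[c.ID] && c.Fail(sc) {
			failed = append(failed, c.ID)
		}
	}
	return failed
}

func main() {
	t := true
	// Constructed sample: privileged, read-only root filesystem, no UID/GID set.
	sc := SecurityContext{Privileged: &t, ReadOnlyRootFilesystem: &t}
	fmt.Println(Run(sc, nil))
	fmt.Println(Run(sc, map[string]bool{"container-security-context-user-group-id": true}))
}
```

With a single combined check, ignoring the UID/GID finding would also have hidden the privileged finding on this sample.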
