RunnerDeployment CRD does not support allowPrivilegeEscalation and capabilities parameters in PodSecurityContext

[balusarakesh]

Describe the bug RunnerDeployment CRD does not support allowPrivilegeEscalation and capabilities parameters in PodSecurityContext

Checks

• runner image: summerwind/actions-runner:v2.283.1-ubuntu-20.04-24602ff
• [X] My actions-runner-controller version (v0.x.y) does support the feature

To Reproduce Steps to reproduce the behavior:

1. Deploy actions-runner-controller helm chart version 0.13.0 and create a RunnerDeployment with the following securityContext:

securityContext:
  allowPrivilegeEscalation: true
  seLinuxOptions:
    level: s0
    role: system_r
    type: super_t
    user: system_u
  capabilities:
    add:
    - DAC_READ_SEARCH
    - NET_ADMIN
    - SYS_ADMIN
    - SYS_RESOURCE

2. helmfile apply will fail with error saying that allowPrivilegeEscalation and capabilities fields are not accepted

Expected behavior RunnerDeployment should accept allowPrivilegeEscalation and capabilities parameters as a part of PodSecurityContext

Environment:

• Controller image [summerwind/actions-runner-controller:v0.20.0]
• Deployment Method - helm
• Helm Chart Version [0.13.0]

Tried work-around As a work-around we updated the CRDs for runners with the above parameters here and able to create a RunnerDeployment with the above securityContext BUT the actions-runner-controller is removing those parameters automatically.

• Thank you

[peimanja]

I'm having the same issue that I mentioned it in https://github.com/actions-runner-controller/actions-runner-controller/pull/599#issuecomment-927625176