:sparkling: adding comment one the scaffolds to warn users about the …

…seccomp spec field usage

pkg/plugins/common/kustomize/v1/scaffolds/internal/templates/config/manager/config.go

@@ -72,8 +72,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager

pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/manager/config.go

@@ -72,8 +72,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager

testdata/project-v3-addon/config/manager/manager.yaml

@@ -26,8 +26,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager

testdata/project-v3-config/config/manager/manager.yaml

@@ -26,8 +26,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager

testdata/project-v3-multigroup/config/manager/manager.yaml

@@ -26,8 +26,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager

testdata/project-v3-v1beta1/config/manager/manager.yaml

@@ -26,8 +26,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager

testdata/project-v3-with-kustomize-v2/config/manager/manager.yaml

@@ -26,8 +26,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager

testdata/project-v3/config/manager/manager.yaml

@@ -26,8 +26,14 @@ spec:
     spec:
       securityContext:
         runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
+        # TODO(user): For common cases that do not require escalating privileges
+        # it is recommended to ensure that all your Pods/Containers are restrictive.
+        # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted    
+        # Please uncomment the following code if you are NOT looking 
+        # for to built projects which must work on old Kubernetes versions < 1.19 or 
+        # on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
+        # seccompProfile:
+        #   type: RuntimeDefault
       containers:
       - command:
         - /manager