[kibana] run as non root by default

[naseemkullah]

Describe the feature:
Please see title.

Describe a specific use case for the feature:
Best practice, although podSecurityContext is configurable, running as non root should not have to be explicitly set. The reverse should be true (one should have to explicitly set they want to run as root).

[Crazybus]

Leaving the same comment as for #163 that this seems to be related to some changes in Kubernetes 1.13. I'm adding support for 1.13 in #169. But still worth noting that Kibana does not seem to be running as the root user (at least in Kubernetes < 1.13).

sh-4.2$ ps aux 1
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
kibana         1 71.8  1.2 1468548 392852 ?      Ssl  18:20   0:40 /usr/share/kibana/bin/../node/bin/node --no-warnings --max-http-header-size=65536 /usr/share/kibana/bin/../src/cli
sh-4.2$ id
uid=1000(kibana) gid=1000(kibana) groups=1000(kibana)
sh-4.2$ id kibana
uid=1000(kibana) gid=1000(kibana) groups=1000(kibana)

Could you confirm on one of these issues that you are seeing the same error as in #162 and not that your Kibana instance is somehow running as root?

[naseemkullah]

Hi @Crazybus similarly, although the process is not being run by root but rather by the kibana user, the container itself is still running as root, so if it is compromised, the compromiser will be root in the container.
It would be better to add the appropriate securityContext to run as non root.

I will gladly make a PR

[Crazybus]

The PR is here: #172

[jmlrt]

Hi @naseemkullah,
I'm closing this issue as your PR #172 was merged.