YunusStar

Description of the change

This change adds a new primary.initContainerSecurityContext parameter to the MariaDB chart, allowing separate security context configuration for the preserve-logs-symlinks initContainer. Previously, the initContainer shared the same security context as the main MariaDB container (primary.containerSecurityContext), which caused deployment failures in environments with strict security policies.

The change modifies:

  • values.yaml: Adds the new initContainerSecurityContext parameter with full documentation
  • templates/primary/statefulset.yaml: Updates the initContainer to use the new security context parameter
  • Chart.yaml: Bumps version from 20.5.8 to 20.5.9

Benefits

  • Enables MariaDB deployment in Azure environments with strict security policies (e.g., azurepolicy-k8sazurev2selinux)
  • Provides flexibility to configure initContainer security context independently from main container
  • Resolves "SELinux options is not allowed" deployment failures
  • Maintains backward compatibility with sensible defaults
  • Follows established patterns from other Bitnami charts (e.g., MongoDB TLS initContainer)

Possible drawbacks

No known limitations. This is a backward-compatible addition that:

  • Uses the same default values as the existing containerSecurityContext
  • Only affects the initContainer when explicitly configured
  • Maintains existing behavior when not configured

Applicable issues

This resolves deployment issues where Azure security policies deny pods with SELinux options, specifically addressing the error:
SELinux options is not allowed, pod: mariadb-xxx, container mariadb. Allowed options: []

Additional information

This change enables users to set primary.initContainerSecurityContext.seLinuxOptions: null to comply with Azure security policies while maintaining security settings for the main MariaDB container. The implementation follows the same pattern established in other Bitnami charts for handling initContainer-specific configurations.

Checklist

  • Chart version bumped in Chart.yaml according to semver. This is not necessary when the changes only affect README.md files.
  • Variables are documented in the values.yaml and added to the README.md using readme-generator-for-helm
  • Title of the pull request follows this pattern [bitnami/<name_of_the_chart>] Descriptive title
  • All commits signed off and in agreement of Developer Certificate of Origin (DCO)
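The denial quoted in the description can be anticipated before deployment. The following is an added example, not code from this pull request or the Bitnami chart: it lists every place a manifest sets `seLinuxOptions`, including initContainers. The sample manifests are constructed, and treating any non-null value (even an empty mapping) as "set" is an assumption, since the policy's own logic is not shown on this page.

```python
import copy

# Constructed sample: trimmed StatefulSet where the initContainer and the main
# container carry the same security context (values are illustrative).
BEFORE = {"kind": "StatefulSet", "spec": {"template": {"spec": {
    "initContainers": [{"name": "preserve-logs-symlinks",
                        "securityContext": {"runAsNonRoot": True, "seLinuxOptions": {}}}],
    "containers": [{"name": "mariadb",
                    "securityContext": {"runAsNonRoot": True, "seLinuxOptions": {}}}],
}}}}

# Same manifest after nulling seLinuxOptions for the initContainer only.
AFTER = copy.deepcopy(BEFORE)
AFTER["spec"]["template"]["spec"]["initContainers"][0]["securityContext"]["seLinuxOptions"] = None

CONTAINER_LISTS = ("initContainers", "containers", "ephemeralContainers")


def pod_spec(obj):
    """Return the pod spec of a Pod, or of a workload that wraps one in spec.template."""
    spec = obj.get("spec") or {}
    return (spec.get("template") or {}).get("spec", spec)


def selinux_findings(obj):
    """List (location, name) pairs where seLinuxOptions is set to a non-null value."""
    findings = []
    spec = pod_spec(obj)
    # Pod-level security context applies to every container, so check it first.
    if (spec.get("securityContext") or {}).get("seLinuxOptions") is not None:
        findings.append(("pod", "<pod-level>"))
    for kind in CONTAINER_LISTS:
        for container in spec.get(kind) or []:
            ctx = container.get("securityContext") or {}
            if ctx.get("seLinuxOptions") is not None:
                findings.append((kind, container.get("name", "<unnamed>")))
    return findings


if __name__ == "__main__":
    for label, manifest in (("before", BEFORE), ("after", AFTER)):
        print(label, selinux_findings(manifest))
```

On the constructed "after" manifest the initContainer no longer appears in the findings, while the main container, whose context is unchanged, still does.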

@github-actions github-actions bot added triage Triage is needed mariadb labels Jun 12, 2025
@github-actions github-actions bot requested a review from javsalgar June 12, 2025 12:34
@javsalgar javsalgar added verify Execute verification workflow for these changes in-progress labels Jun 13, 2025
@github-actions github-actions bot removed the triage Triage is needed label Jun 13, 2025
@github-actions github-actions bot removed the request for review from javsalgar June 13, 2025 08:54
@github-actions github-actions bot requested a review from juan131 June 13, 2025 08:54
Signed-off-by: Bitnami Bot <[email protected]>
@juan131
Contributor

juan131 commented Jun 13, 2025

Hi @YunusStar

Thanks so much for this contribution! It is actually a great addition. However, if you don't mind, I'll put it on hold for a couple of weeks given we're planning to introduce some changes in this chart soon that'll conflict with these ones. Then, we can resume this work. Sorry for the inconvenience.

@juan131 juan131 added the on-hold Issues or Pull Requests with this label will never be considered stale label Jun 13, 2025