Description
Describe the issue:
Capabilities are not rendered when containerSecurityContext.privileged is set to true. This affects all of our components.
This line seems to be the culprit:

camunda-platform-helm/charts/camunda-platform-alpha/templates/zeebe/statefulset.yaml, line 51 in 025e1d8:

```yaml
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" $.Values.zeebe.containerSecurityContext "context" $) | nindent 12 }}
```
It references a common `_compatibility.tpl` file. I found this reference, which tells it to omit `capabilities` if `privileged` is set:
```gotmpl
{{/* Remove fields that are disregarded when running the container in privileged mode */}}
{{- if $adaptedContext.privileged -}}
{{- $adaptedContext = omit $adaptedContext "capabilities" "seLinuxOptions" -}}
{{- end -}}
{{- omit $adaptedContext "enabled" | toYaml -}}
{{- end -}}
```
Actual behavior:
When setting `containerSecurityContext.privileged=true` and `containerSecurityContext.capabilities`, the capabilities do not render. However, if `containerSecurityContext.privileged=false`, then `containerSecurityContext.capabilities` renders.
```yaml
containerSecurityContext:
  ## @param securityContext.allowPrivilegeEscalation
  allowPrivilegeEscalation: true
  ## @param securityContext.privileged
  privileged: true
  ## @param securityContext.readOnlyRootFilesystem
  readOnlyRootFilesystem: true
  ## @param securityContext.runAsUser
  runAsUser: 1000
  capabilities:
    add: [ "NET_ADMIN" ]
```
Expected behavior:
Capabilities should render regardless of what `containerSecurityContext.privileged` is set to.
How to reproduce:
Logs:
Environment:
Please note: Without the following info, it's hard to resolve the issue and probably it will be closed.
- Platform:
- Helm CLI version:
- Chart version: Alpha
- Values file:
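The following is an added example, not code from the issue reporter, the Camunda chart or the Bitnami common library. It models the `renderSecurityContext` rule quoted above in plain Python so the behaviour can be checked without rendering the chart, and adds the check a reviewer would want before deploying: a lint that flags values files whose `capabilities` the chart will silently drop, together with a least-privilege rewrite. The assumption (mine) is that the rule is exactly "if `privileged` is true, omit `capabilities` and `seLinuxOptions`; always omit `enabled`"; the sample values are constructed to mirror the report.

```python
"""Added example: a Python model of the chart's renderSecurityContext rule
plus a pre-deploy lint. Not the chart's own code; the rule and sample values
are assumptions taken from the template excerpt and values quoted above."""
import copy
import json

# Fields the quoted _compatibility.tpl omits when privileged is true.
PRIVILEGED_DISREGARDED = ("capabilities", "seLinuxOptions")

# Constructed sample, mirroring the values in the report.
SAMPLE_VALUES = {
    "allowPrivilegeEscalation": True,
    "privileged": True,
    "readOnlyRootFilesystem": True,
    "runAsUser": 1000,
    "capabilities": {"add": ["NET_ADMIN"]},
}


def render_security_context(values):
    """Mirror the template: drop capabilities/seLinuxOptions when privileged, then drop 'enabled'."""
    ctx = copy.deepcopy(values)
    if ctx.get("privileged"):
        for key in PRIVILEGED_DISREGARDED:
            ctx.pop(key, None)
    ctx.pop("enabled", None)
    return ctx


def dropped_fields(values):
    """Fields present in the values file that will not appear in the rendered manifest."""
    rendered = render_security_context(values)
    return sorted(k for k in values if k not in rendered and k != "enabled")


def lint(values):
    """Findings a pre-deploy check should raise for a containerSecurityContext."""
    findings = []
    if values.get("privileged"):
        # A privileged container already holds every capability, so an explicit
        # capabilities list adds nothing; the chart drops it for that reason.
        findings.append(
            "privileged: true grants every capability; prefer an explicit capabilities list"
        )
        for key in dropped_fields(values):
            findings.append(f"{key} is set but will be dropped by the chart because privileged is true")
        if values.get("allowPrivilegeEscalation") is False:
            # The API server rejects this combination outright.
            findings.append(
                "privileged: true with allowPrivilegeEscalation: false is rejected by the API server"
            )
    return findings


def least_privilege_alternative(values):
    """Rewrite: privileged off, drop ALL, re-add only the capabilities the values asked for."""
    ctx = copy.deepcopy(values)
    wanted = list(ctx.get("capabilities", {}).get("add", []))
    ctx["privileged"] = False
    ctx["capabilities"] = {"drop": ["ALL"], "add": wanted}
    return ctx


if __name__ == "__main__":
    print("rendered:", json.dumps(render_security_context(SAMPLE_VALUES)))
    for finding in lint(SAMPLE_VALUES):
        print("finding:", finding)
    hardened = least_privilege_alternative(SAMPLE_VALUES)
    print("hardened:", json.dumps(render_security_context(hardened)))
```

Running it on the sample shows the rendered context without `capabilities` and two findings; the hardened rewrite (`privileged: false`, `drop: [ALL]`, `add: [NET_ADMIN]`) renders its capabilities intact, which is the least-privilege way to get `NET_ADMIN` without handing the container every capability and host device. Two caveats: the real check is `helm template` against the actual chart followed by inspecting the rendered `securityContext`, and for a non-root `runAsUser` whether the process actually holds `NET_ADMIN` at runtime depends on the container runtime's handling of ambient capabilities, so confirm inside the running container (for example with `capsh --print` or the `Cap*` lines of `/proc/1/status`).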