Configure spawned notebook policy in PSS enforced kubernetes environment

JupyterHub
,
3

Additionally, you may consider extraPodConfig values do not get set - #4 by manics

...
  hub:
...
    config:
...
      KubeSpawner:
        container_security_context:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          runAsNonRoot: true
          seccompProfile:
            type: RuntimeDefault