Refactor Dockerfile and Helm chart to enhance security and user permissions

- Updated Dockerfile to run as non-root user 'nginx' and adjusted Nginx configuration for improved security.
- Added pod security context in values.yaml to align with the non-root user setup.
- Refined deployment.yaml to utilize the new pod security context for better compliance with Kubernetes security standards.

talks-slides-dist/templates/deployment.yaml

@@ -24,15 +24,14 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       securityContext:
-        seccompProfile:
-          type: RuntimeDefault
+        {{- toYaml .Values.slides.podSecurityContext | nindent 8 }}
       containers:
         - name: nginx
           image: "{{ .Values.slides.image.repository }}:{{ .Values.slides.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.slides.image.pullPolicy }}
           securityContext:
             allowPrivilegeEscalation: false
-            # Port 8080 dans le conteneur : pas besoin de NET_BIND_SERVICE (ports privilégiés).
+            # Image : USER nginx + master non-root → pas de SETUID/SETGID ; port 8080 → pas de NET_BIND_SERVICE.
             capabilities:
               drop: ["ALL"]
             readOnlyRootFilesystem: false