feat: Allow arbitrary podSpec in migration-job and crd-install jobs for operator chart

[localleon]

Closes #1287

This extends the Redpanda Operator Helm chart to allow configurable security contexts and other pod spec settings for pre-install CRD job and post-upgrade migration job hooks via new top-level values fields.

Values Configuration

1. Customize the CRD pre-install hook Job's pod spec (securityContext, tolerations, nodeSelector, etc.)
2. Customize the post-upgrade migration hook Job's pod spec

Implementation Details

• Added CRDs.PodTemplate and MigrationJob.PodTemplate structs to values.go
• Updated pre_install_crd_job.go and post_upgrade_migration_job.go to apply [StrategicMergePatch] when overrides are provided
• Merged via StrategicMergePatch semantics on top of chart-managed defaults
• Only the spec field is merged (not metadata) to avoid nil pointer issues when users provide spec-only overrides

crds:
  enabled: true
  podTemplate:
    spec:
      securityContext:
        runAsNonRoot: true
        runAsUser: 65532
      containers:
        - name: crd-installation
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true

migrationJob:
  podTemplate:
    spec:
      securityContext:
        runAsNonRoot: true
      tolerations:
        - key: workload
          operator: Equal
          value: batch
          effect: NoSchedule

I've regenerated the charts using the taskfile and performed manual validation (helm template), if the rednering is successfull with both jobs!

[CLAassistant]

All committers have signed the CLA.

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[localleon]

Dear all, would you be so kind and review the PR?

Thanks in advance!

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[localleon]

Still there :-)

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[localleon]

@andrewstucki @ivotron @RafalKorepta @hidalgopl @david-yu would anyone of you please be so kind and take a look at the PR?

Thanks in advance!