readOnlyRootFilesystem: false in config-demo-deployment.yaml

[brianredbeard]

Description

The deployment has readOnlyRootFilesystem: false which is a security concern. Containers should use read-only root filesystems when possible.

Location

https://github.com/validatedpatterns/multicloud-gitops/blob/main/charts/all/config-demo/templates/config-demo-deployment.yaml

securityContext:
  readOnlyRootFilesystem: false

Expected Behavior

Set to true and use emptyDir volumes for writable paths.