ckotzbauer / helm-charts

Helm Charts
MIT License

bug: vulnerability-operator - missing reports directory #175

Closed samcornwell closed 9 months ago

samcornwell commented 10 months ago

When I first tried to deploy vulnerability-operator with Helm, it failed at the stage where it tried to create the /reports directory and save the report.json. There is no volume for the /reports directory created in the Helm deployment YAML. The out-of-the-box deployment gives an error that says that the root directory is read-only, which is expected since the default config is set as:

securityContext:
  capabilities:
    drop:
    - ALL
  allowPrivilegeEscalation: false
  privileged: false
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 1000
  seccompProfile:
    type: RuntimeDefault

Setting readOnlyRootFilesystem to false was not enough, because then a permissions error occurred during the creation of the /reports directory. The configuration required to make it work was:

  readOnlyRootFilesystem: false
  runAsNonRoot: false
  runAsUser: 0

Obviously this is not ideal. The solution I came up with utilized the same solution as #174. This is also not ideal because the user should be able to set the reports-dir argument and just expect it to work. I am currently working on an alternative solution which will add the /reports volume and volumeMount in the deployment YAML code, and it will attempt to read from the user's custom-values.yaml file (or whatever it's called) for the name of the volume mount, and otherwise use the default value of /reports.
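
The approach described in the issue, sketched as an added example that is not part of the original post or the chart's own templates: a writable volume is mounted at /reports so the default hardened securityContext can stay unchanged. The volume name `reports`, the `emptyDir` volume type, the `fsGroup` value, the labels, the `--reports-dir=/reports` argument syntax and the placeholder image are assumptions.

```yaml
# Added example: hand-written manifest, not rendered from the chart.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: vulnerability-operator
spec:
  replicas: 1
  selector:
    matchLabels:
      app: vulnerability-operator        # assumed label
  template:
    metadata:
      labels:
        app: vulnerability-operator
    spec:
      securityContext:
        fsGroup: 1000                    # assumption: group ownership of the volume for the non-root user
      containers:
        - name: vulnerability-operator
          image: registry.example/vulnerability-operator:PLACEHOLDER  # placeholder image reference
          args:
            - --reports-dir=/reports     # assumed syntax for the reports-dir argument named in the issue
          securityContext:               # same values as the default config quoted in the issue
            capabilities:
              drop:
                - ALL
            allowPrivilegeEscalation: false
            privileged: false
            readOnlyRootFilesystem: true # root filesystem stays read-only
            runAsNonRoot: true
            runAsUser: 1000
            seccompProfile:
              type: RuntimeDefault
          volumeMounts:
            - name: reports
              mountPath: /reports        # the only writable path in the container
      volumes:
        - name: reports
          emptyDir: {}                   # assumption: reports do not need to outlive the pod
```

An `emptyDir` is deleted with the pod, so a PersistentVolumeClaim would replace it if the reports have to persist.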