knative / serving-operator

DEPRECATED: Development continues in https://github.com/knative/operator/
Apache License 2.0

Security: Please set container Security Context on all Containers #385

Closed AceHack closed 4 years ago

AceHack commented 4 years ago

Many companies have a security requirement in place that all containers must have a read-only file system and not allow privilege escalation. Please set this (or allow it to be set) on all containers. This would mean either adding it yourself or adding it to any CRDs that end up creating containers so the user can set it. Note this is at the container level, not the pod level. I have created a separate feature request for the pod security context.

https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

See the pod security context example below for what is required to be set.

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo
spec:
  containers:
  - name: sec-ctx-demo
    securityContext:
      allowPrivilegeEscalation: false
      readOnlyRootFilesystem: true
```

Related Feature Request: https://github.com/knative/eventing/issues/2882
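An added example, not part of the original issue or of the Knative project's code: a Python audit that takes the JSON printed by `kubectl get <kind> -o json` and reports every container and init container whose own `securityContext` lacks the two settings requested above. The sample manifest and all names in it are constructed for illustration.

```python
import json

# The two container-level settings the issue asks for.
REQUIRED = {"allowPrivilegeEscalation": False, "readOnlyRootFilesystem": True}

def pod_spec(obj):
    """Return the pod spec of a Pod, or of a workload that embeds a pod template."""
    spec = obj.get("spec") or {}
    if obj.get("kind") == "Pod":
        return spec
    if obj.get("kind") == "CronJob":
        spec = (spec.get("jobTemplate") or {}).get("spec") or {}
    return (spec.get("template") or {}).get("spec") or {}

def audit(obj):
    """Yield (object, container, field, actual value) for each missing or wrong setting."""
    name = f'{obj.get("kind")}/{(obj.get("metadata") or {}).get("name")}'
    ps = pod_spec(obj)
    for key in ("initContainers", "containers"):
        for c in ps.get(key) or []:
            sc = c.get("securityContext") or {}
            for field, want in REQUIRED.items():
                # Both fields exist only in the container securityContext; the
                # pod-level block cannot supply them, so it is not consulted.
                if sc.get(field) is not want:
                    yield (name, c["name"], field, sc.get(field))

def audit_list(doc):
    """Audit a single object or a kubectl 'List' wrapper."""
    items = doc.get("items") or [doc]
    return [finding for o in items for finding in audit(o)]

# Constructed sample: one compliant container, one partial, one bare init container.
SAMPLE = json.loads("""
{"kind": "List", "items": [
 {"kind": "Deployment", "metadata": {"name": "example-controller"},
  "spec": {"template": {"spec": {
    "securityContext": {"runAsNonRoot": true},
    "initContainers": [{"name": "init"}],
    "containers": [
      {"name": "good", "securityContext":
        {"allowPrivilegeEscalation": false, "readOnlyRootFilesystem": true}},
      {"name": "partial", "securityContext": {"readOnlyRootFilesystem": true}}
    ]}}}}
]}
""")

if __name__ == "__main__":
    for obj, container, field, actual in audit_list(SAMPLE):
        print(f"{obj} container={container}: {field} is {actual!r}")
```

An unset field is reported as `None`, which keeps "never configured" distinguishable from an explicit wrong value.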

evankanderson commented 4 years ago

We're going to track this in https://github.com/knative-sandbox/operator/issues/4 and address it comprehensively rather than on a per-repo basis.

/close

knative-prow-robot commented 4 years ago

@evankanderson: Closing this issue.

In response to [this](https://github.com/knative/serving-operator/issues/385#issuecomment-610511353):

>We're going to track this in https://github.com/knative-sandbox/operator/issues/4 and address it comprehensively rather than on a per-repo basis.
>
>/close

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.