Enhance the pod security
The Lava service has been running with some admin privileges so far. This fix aims to enhance the security of the pod by configuring the values of securityContext and podSecurityContext to better control the actions and permissions of the container.
Additionally, specifying the filesystem as read-only, new volumes have been added to allow the service to store necessary files during execution.
Signed-off-by: Pablo Vigo pvigo@collabora.com