The cp-solr-xml init container currently does not configure readOnlyRootFilesystem: true. However, this container does not appear to require a writable root filesystem for its functionality.
As a result, the container is not adhering to Kubernetes security best practices, which recommend setting readOnlyRootFilesystem: true for containers that do not need write access to their root filesystem. This helps to reduce the attack surface and improve overall security by preventing potential unauthorized write operations.
The cp-solr-xml init container currently does not configure
readOnlyRootFilesystem: true. However, this container does not appear to require a writable root filesystem for its functionality.As a result, the container is not adhering to Kubernetes security best practices, which recommend setting
readOnlyRootFilesystem: truefor containers that do not need write access to their root filesystem. This helps to reduce the attack surface and improve overall security by preventing potential unauthorized write operations.