Container security context hardening

[martinohmann]

There are still some apps that do not have a proper security context set up. Where possible, containers should run with unprivileged users and a read-only root filesystem.

I should review all helm releases and adjust or add security contexts where necessary.