Ensure all containers run with r/o root fs and other std securityContext settings

[joeg-pro]

This PR updates the container specs of all ALC deployments to ensure that all containers run with a read-only root filesystem. This is a secure engineering best practice and something users are starting to expect of Kube applications.

The PR also updates securityContext settings at the container and pod levels to bring them into alignment with the standards we are aming for across all things integrated into Stolostron and subsequently RHACM. Some of these settings were already being applied, but inconsistently across the deployments/containers.

Finally, this PR adjusts anti-affinity to conform to key naming that we're using as standard practice for things integrated into Stolostro/RHACM. (These settings are actually being injected this way by the tooling that ingrates things into the MCH operator, but its better that the source-of-truth reflects the settings as desired so there is less "magic" happening via the integration automation.)

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: joeg-pro
Once this PR has been reviewed and has the lgtm label, please assign lennysgarage for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (619d1b6) 54.46% compared to head (8b31f2b) 54.07%.
Report is 3 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #373      +/-   ##
==========================================
- Coverage   54.46%   54.07%   -0.40%     
==========================================
  Files          71       71              
  Lines       14947    14947              
==========================================
- Hits         8141     8082      -59     
- Misses       5979     6044      +65     
+ Partials      827      821       -6     

Flag	Coverage Δ
unit	54.07% <ø> (-0.40%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 4 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.