As a developer using SharedSecrets and ConfigMaps
I want to ensure all pods set readOnly; true on admission
So that I don't have pods stuck in the "Pending" state because of a bad volume mount
- Pods which reference the Shared Resource CSI driver must set readOnly: true on admission.
- If readOnly: true is not set, or is set to false, the pod should not be created.
- Appropriate testing in place to verify behavior
QE will need to verify the new Pod Admission behavior
Docs will need to ensure that readOnly: true is required and must be set to true.