Thanks for your reply @metin!
I just noticed that in this article for implementing read-only modes in apps it says:
Read-Only Mode for Data Center customers helps admins perform routine maintenance, recover from unexpected problems, or prepare to migrate content to a new site. When a site is placed in read-only mode, users will be able to view pages and their history, but not create, edit, comment, copy or move content. Administration actions such as changing site configuration are not restricted.
The last sentence is particularly interesting because we’ve been rigorously preventing all write operations for our apps in read-only mode. This also means configuration stuff which I guess should actually be allowed according to this article?
From my personal point of view I’ve always seen read-only mode kind of like a “secure boot mode” of an OS. So as an admin I would like apps to do as little as possible during it. I thought it to be good practice to lock down your apps as much as possible during read-only mode. But If I understand correctly it should even be allowed to configure apps in read-only mode, so maybe I’ve misinterpreted it a little and we can take a much leaner approach in the future.
I’d like to wait for an Atlassian to give an offical response to this (maybe @bmagro has something to say?) but otherwise if nothing happens I’ll probably just go ahead an mark you answer as a solution.