There is no generic "read-only" role, but you can restrict access right to read only on both documents and issues. In that way, a user can be denied the possibility to edit or comment on documents and issues in the project. For documents you can restrict folders or individual files. For issues the restriction is set on the board itself and applies to all issues on that board.

Did this answer your question?