diff options
| author |   Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-04-29 09:40:22 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2020-04-29 09:40:22 +0000 |
| commit | 684fb2fe4acda6cdb8ef9d9ace9ad1d58c677a15 (patch) | |
| tree | e12b1fc57adb69548d4c65fc9dd9c6c4b5967170 | |
| parent | f5e74e506c8ae56f4a7af7dfa516c5733fadb22e (diff) | |
| parent | 276812c91c17e56f02760f2da657c598abbc881e (diff) | |
Merge "Set sdc onboarding volume mount permissions"
| -rw-r--r-- | kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml | 13 | ||||
| -rw-r--r-- | kubernetes/sdc/charts/sdc-onboarding-be/values.yaml | 3 | ||||
| -rw-r--r-- | kubernetes/sdc/values.yaml | 2 |
3 files changed, 18 insertions, 0 deletions
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml index 3db3685b86..108c781f54 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml @@ -70,6 +70,19 @@ spec: mountPath: /config-input/ - name: sdc-environments-output mountPath: /config-output/ + - name: volume-permissions + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - -c + - | + chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //onboard/cert + securityContext: + runAsUser: 0 + volumeMounts: + - name: {{ include "common.fullname" . }}-cert-storage + mountPath: "/onboard/cert" containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index 946cb3491f..4cfebbf72f 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -103,6 +103,9 @@ cert: volumeReclaimPolicy: Retain mountSubPath: /sdc/onbaording/cert +securityContext: + fsGroup: 35953 + runAsUser: 352070 ingress: enabled: false diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml index 5701a91f27..2694b5de80 100644 --- a/kubernetes/sdc/values.yaml +++ b/kubernetes/sdc/values.yaml @@ -28,6 +28,8 @@ global: wf_external_user_password: S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ== ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 + busyboxRepository: registry.hub.docker.com + busyboxImage: library/busybox:latest cassandra: #This flag allows SDC to instantiate its own cluster, serviceName #should be sdc-cs if this flag is enabled |