summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenu Kumari <renu.kumari@bell.ca>2021-10-13 10:51:53 -0400
committerRenu Kumari <renu.kumari@bell.ca>2021-10-13 10:55:20 -0400
commit3507fdc8cfc5ea6075af269b8ae41d8c0ff4dcfb (patch)
tree8feb4e708fed51df21864aab12743afc5e0fa613
parenta697f8ab8f2b47100cb73a7f5812f70e242b75a6 (diff)
[COMMON] Fix timescaledb volume permission issue
- Added init-container to change mounted volume permission Issue-ID: CPS-667 Signed-off-by: Renu Kumari <renu.kumari@bell.ca> Change-Id: I3161400cbcf2de88580ea768c97212a2983f5fff
-rw-r--r--kubernetes/common/timescaledb/templates/statefulset.yaml16
1 files changed, 16 insertions, 0 deletions
diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml
index 0bd7d30478..a3d942fcfa 100644
--- a/kubernetes/common/timescaledb/templates/statefulset.yaml
+++ b/kubernetes/common/timescaledb/templates/statefulset.yaml
@@ -30,6 +30,22 @@ spec:
spec:
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }}
{{ include "common.podSecurityContext" . | indent 10 | trim}}
+ initContainers:
+ # we shouldn't need this but for unknown reason, it's fsGroup is not
+ # applied
+ - name: fix-permission
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /var/lib/postgresql/data
+ image: {{ include "repositoryGenerator.image.busybox" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ runAsUser: 0
+ volumeMounts:
+ - mountPath: /var/lib/postgresql/data
+ name: {{ include "common.fullname" . }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}