diff options
author | Andreas Geissler <andreas-geissler@telekom.de> | 2024-08-02 14:18:07 +0200 |
---|---|---|
committer | Andreas Geissler <andreas-geissler@telekom.de> | 2024-08-07 16:09:07 +0200 |
commit | dbabc4be8ab3a55d76fab88dab356d43e3d59e19 (patch) | |
tree | 982bc4a79078de0952a5bf9aff7ad4d4cba2cf10 /kubernetes/common/timescaledb/templates/statefulset.yaml | |
parent | bf35e55286a0ac2f4fe05f595cda7109f22a5e6a (diff) |
[COMMON] Synchronize common charts
- solve actual findings during tests with kyverno policies
- synchronize headers
Issue-ID: OOM-3288
Issue-ID: OOM-3296
Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Diffstat (limited to 'kubernetes/common/timescaledb/templates/statefulset.yaml')
-rw-r--r-- | kubernetes/common/timescaledb/templates/statefulset.yaml | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml index bee389f191..1d161f3945 100644 --- a/kubernetes/common/timescaledb/templates/statefulset.yaml +++ b/kubernetes/common/timescaledb/templates/statefulset.yaml @@ -30,6 +30,22 @@ spec: spec: serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} {{ include "common.podSecurityContext" . | indent 10 | trim}} + initContainers: + # we shouldn't need this but for unknown reason, it's fsGroup is not + # applied + - name: fix-permission + command: + - /bin/sh + args: + - -c + - chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /var/lib/postgresql/data + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: {{ include "common.fullname" . }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} @@ -78,9 +94,9 @@ spec: {{- end }} {{- with .Values.tolerations }} tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} volumeClaimTemplates: - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence "ignoreHelmChart" true) | indent 6 | trim }} -{{- end }} + {{- end }} |