From: Sandeep Shah Date: Fri, 7 Aug 2020 21:54:12 +0000 (-0500) Subject: No root access to mariadb from portal app X-Git-Tag: 7.0.0~304^2 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=6a385ce0bf95f6eba1686b95a2b5a624caa6ed4c;p=oom.git No root access to mariadb from portal app Updates to helm charts to include an init container to set permissions for volume, so that the existing initialization code when run as a non-root user can access the volume. this is in combination with PORTAL-966. Issue-ID: PORTAL-946 Signed-off-by: SandeepLinux Change-Id: I63a78dc1ab90914d648b0c1f470d3079eb0ddeba --- diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml index bcd223c7e6..ec6cc50634 100644 --- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml @@ -34,6 +34,13 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: + initContainers: + - name: volume-permissions + image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + command: ['sh', '-c', 'chmod -R 777 /var/lib/mysql'] + volumeMounts: + - mountPath: /var/lib/mysql + name: mariadb-data containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" diff --git a/kubernetes/portal/components/portal-mariadb/values.yaml b/kubernetes/portal/components/portal-mariadb/values.yaml index 08157f7b92..40b1775ae9 100644 --- a/kubernetes/portal/components/portal-mariadb/values.yaml +++ b/kubernetes/portal/components/portal-mariadb/values.yaml @@ -21,7 +21,8 @@ global: # global defaults persistence: {} readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - + busyBoxImage: busybox:1.30 + busyBoxRepository: docker.io # application image repository: nexus3.onap.org:10001