Run SDC pods as non-root

[oom.git] / kubernetes / sdc / charts / sdc-be / templates / job.yaml

diff --git a/kubernetes/sdc/charts/sdc-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-be/templates/job.yaml
index 32a5a37..4b5ec51 100644 (file)
--- a/kubernetes/sdc/charts/sdc-be/templates/job.yaml
+++ b/kubernetes/sdc/charts/sdc-be/templates/job.yaml
@@ -21,7 +21,7 @@ metadata:
   labels:
     app: {{ include "common.name" . }}-job
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ .Release.Name }}
+    release: {{ include "common.release" . }}
     heritage: {{ .Release.Service }}
 spec:
   backoffLimit: 20
@@ -29,7 +29,7 @@ spec:
     metadata:
       labels:
         app: {{ include "common.name" . }}-job
-        release: {{ .Release.Name }}
+        release: {{ include "common.release" . }}
     spec:
       restartPolicy: Never
       initContainers:
@@ -53,7 +53,9 @@ spec:
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         volumeMounts:
         - name: {{ include "common.fullname" . }}-environments
-          mountPath: /root/chef-solo/environments/
+          mountPath: /home/sdc/chef-solo/environments/
+        - name: sdc-logs
+          mountPath: /var/lib/jetty/logs
         env:
         - name: ENVNAME
           value: {{ .Values.global.env.name }}
@@ -64,8 +66,10 @@ spec:
       volumes:
         - name: {{ include "common.fullname" . }}-environments
           configMap:
-            name: {{ .Release.Name }}-sdc-environments-configmap
+            name: {{ include "common.release" . }}-sdc-environments-configmap
             defaultMode: 0755
+        - name: sdc-logs
+          emptyDir: {}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
       restartPolicy: Never