No root access to mariadb from portal app

Updates to helm charts to include an init container
to set permissions for volume, so that the existing
initialization code when run as a non-root user can
access the volume. this is in combination with
PORTAL-966.

Issue-ID: PORTAL-946
Signed-off-by: SandeepLinux <Sandeep.Shah@att.com>
Change-Id: I63a78dc1ab90914d648b0c1f470d3079eb0ddeba

diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
index bcd223c..ec6cc50 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
@@ -34,6 +34,13 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
+      initContainers:
+      - name: volume-permissions
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        command: ['sh', '-c', 'chmod -R 777 /var/lib/mysql']
+        volumeMounts:
+        - mountPath: /var/lib/mysql
+          name: mariadb-data
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"

diff --git a/kubernetes/portal/components/portal-mariadb/values.yaml b/kubernetes/portal/components/portal-mariadb/values.yaml
index 08157f7..40b1775 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/values.yaml
+++ b/kubernetes/portal/components/portal-mariadb/values.yaml
@@ -21,7 +21,8 @@ global: # global defaults
   persistence: {}
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.0
-
+  busyBoxImage: busybox:1.30
+  busyBoxRepository: docker.io
 
 # application image
 repository: nexus3.onap.org:10001