No root access to mariadb from portal app
Updates to helm charts to include an init container
to set permissions for volume, so that the existing
initialization code when run as a non-root user can
access the volume. this is in combination with
PORTAL-966.
Issue-ID: PORTAL-946
Signed-off-by: SandeepLinux <Sandeep.Shah@att.com>
Change-Id: I63a78dc1ab90914d648b0c1f470d3079eb0ddeba
diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
index bcd223c..ec6cc50 100644
--- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
@@ -34,6 +34,13 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
+ initContainers:
+ - name: volume-permissions
+ image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+ command: ['sh', '-c', 'chmod -R 777 /var/lib/mysql']
+ volumeMounts:
+ - mountPath: /var/lib/mysql
+ name: mariadb-data
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
diff --git a/kubernetes/portal/components/portal-mariadb/values.yaml b/kubernetes/portal/components/portal-mariadb/values.yaml
index 08157f7..40b1775 100644
--- a/kubernetes/portal/components/portal-mariadb/values.yaml
+++ b/kubernetes/portal/components/portal-mariadb/values.yaml
@@ -21,7 +21,8 @@
persistence: {}
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
+ busyBoxImage: busybox:1.30
+ busyBoxRepository: docker.io
# application image
repository: nexus3.onap.org:10001