Project

Profile

Help

Story #5141

closed

Story #5132: [Epic] As a user, I can consume Pulp 3 from OperatorHub.io

The postgres container (when part of pulp-operator at least) should use an fsGroup

Added by mdepaulo@redhat.com over 4 years ago. Updated about 3 years ago.

Status:
MODIFIED
Priority:
Normal
Assignee:
Category:
Operator - Moved to Github Issues
Sprint/Milestone:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

This way, postgres runs as the postgres user.

Actions #1

Updated by fao89 over 4 years ago

  • Tags CI/CD added
Actions #2

Updated by fao89 over 3 years ago

  • Category set to Operator - Moved to Github Issues
Actions #3

Updated by mdepaulo@redhat.com about 3 years ago

  • Assignee deleted (mdepaulo@redhat.com)
  • Tags deleted (CI/CD)
Actions #4

Updated by chambridge about 3 years ago

So this reads as update the postgresql deployment with a securityContext:

  securityContext:
    fsGroup: ???

https://github.com/pulp/pulp-operator/blob/main/roles/postgres/templates/postgres.deployment.yaml.j2

Not clear what the fsGroup value should be here. I see some CrunchyData results that have "26", but I don't want to assume.

Actions #5

Updated by chambridge about 3 years ago

  • Assignee set to chambridge

Looking at the postgresql-96-centos7:96 image Dockerfile used by the operator https://github.com/pulp/pulp-operator/blob/main/roles/postgres/templates/postgres.deployment.yaml.j2#L36

Image: https://hub.docker.com/r/centos/postgresql-96-centos7

The UID being used is 26

Will update the deployment with:

  securityContext:
    runAsUser: 26
    fsGroup: 26

Added by chambridge about 3 years ago

Revision 615b338c | View on GitHub

Add security context fsGroup to deployment of postgres container

Persistent volume will be accessed with UID and group associated with postgres as defined in the image

fixes #5141 https://pulp.plan.io/issues/5141

Actions #6

Updated by pulpbot about 3 years ago

  • Status changed from NEW to POST
Actions #7

Updated by chambridge about 3 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

Also available in: Atom PDF