[kubernetes] Fix owner and mode of cwclientlibrc
authorPhilippe Pepiot <philippe.pepiot@logilab.fr>
Thu, 16 May 2019 18:15:33 +0200
changeset 107 c5f6e769051c
parent 106 c8e6db0a7613
child 108 8daefd9acb64
[kubernetes] Fix owner and mode of cwclientlibrc Kubernetes can set a mode using "defaultMode" but cannot mount the file with other uid than root. So we have to mount the secret and copy it with good mode and ower in /etc/cubicweb.d/fresh/cwclientlibrc...
deploy/deployment.yaml
--- a/deploy/deployment.yaml	Thu May 16 17:43:36 2019 +0200
+++ b/deploy/deployment.yaml	Thu May 16 18:15:33 2019 +0200
@@ -64,8 +64,11 @@
             - name: static
               mountPath: /etc/cubicweb.d/fresh/data
             - name: cwclientlibrc
-              mountPath: /etc/cubicweb.d/fresh/cwclientlibrc
-              subPath: cwclientlibrc
+              mountPath: /secret
+          command: [
+            "/bin/sh", "-c",
+            "install -m 400 /secret/cwclientlibrc /etc/cubicweb.d/fresh/cwclientlibrc && exec /entrypoint.sh start"
+          ]
           resources:
             requests:
               cpu: 500m
@@ -128,9 +131,11 @@
                 name: fresh-env
           volumeMounts:
             - name: cwclientlibrc
-              mountPath: /etc/cubicweb.d/fresh/cwclientlibrc
-              subPath: cwclientlibrc
-          command: ["cubicweb-ctl", "scheduler", "fresh"]
+              mountPath: /secret
+          command: [
+            "/bin/sh", "-c",
+            "install -m 400 /secret/cwclientlibrc /etc/cubicweb.d/fresh/cwclientlibrc && exec cubicweb-ctl sheduler fresh"
+          ]
           resources:
             requests:
               cpu: 100m