Merge pull request #485 from tchellomello/fsGroup-pgsql

pgsql uses initContainer to address FS permissions
2026-05-06 13:22:50 +00:00 · 2021-08-12 15:36:46 -04:00
parent e636363e9e 649f0cc3fb
commit 47cec1f28d
2 changed files with 19 additions and 1 deletions
--- a/roles/installer/tasks/database_configuration.yml
+++ b/roles/installer/tasks/database_configuration.yml
@@ -80,8 +80,9 @@
 - block:
    - name: Create Database if no database is specified
      k8s:
-        apply: true
+        apply: yes
        definition: "{{ lookup('template', 'postgres.yaml.j2') }}"
+        wait: yes
      register: create_statefulset_result

  rescue:
--- a/roles/installer/templates/postgres.yaml.j2
+++ b/roles/installer/templates/postgres.yaml.j2
@@ -37,10 +37,27 @@ spec:
      imagePullSecrets:
        - name: {{ image_pull_secret }}
 {% endif %}
+      initContainers:
+        - name: init-chmod-data
+          image: '{{ postgres_image }}:{{ postgres_image_version }}'
+          imagePullPolicy: '{{ image_pull_policy }}'
+          command:
+            - /bin/sh
+            - -c
+            - |
+              if [ ! -f {{ postgres_data_path }}/PG_VERSION ]; then
+                chown postgres:root {{ postgres_data_path | dirname }}
+              fi
+          volumeMounts:
+            - name: postgres
+              mountPath: '{{ postgres_data_path | dirname }}'
+              subPath: '{{ postgres_data_path | dirname | basename }}'
      containers:
        - image: '{{ postgres_image }}:{{ postgres_image_version }}'
          imagePullPolicy: '{{ image_pull_policy }}'
          name: postgres
+          securityContext:
+            fsGroup: 999
          env:
            # For postgres_image based on rhel8/postgresql-12
            - name: POSTGRESQL_DATABASE