pega-helm-charts
pega-helm-charts copied to clipboard
Cannot add custom fsgroup to the securityContext
Describe the bug We are not able to set a custom fsgroup in the securityContext of the helm chart, in fact it is always overriden by the default value 0. This prevents us from deploying the cluster to our current productive Kubernetes environment.
To Reproduce Deploy cluster with custom fsgroup.
Expected behavior Expose the configuration of the fsgroup in the helm chart
Chart version v2.1.1
Server (if applicable, please complete the following information):
- OS: Ubuntu 18.04
- Environment: Open Source Kubernetes 1.22
- Database: PostgreSQL
Additional context None
Hi Alessandro, What's the use case for changing the fsgroup? Currently, we have it set to 0 so that we can handle openshift deployments (which assign random UIDs to containers so we have to do things via group permissions).
Hi @RyanStan, We don't use openshift and we need a custom fsgroup in order to use a supplementary group for accessing an NFS storage volume.
Gotcha, ok. I'll bring this up internally and see we can get this in asap along with the other issues you brought up.
Here same issue, also not using openshift but a company managed shared kubernetes environment.
Pods "etest-web-5b668f4db7-" is forbidden: PodSecurityPolicy: unable to admit pod: [spec.securityContext.fsGroup: Invalid value: []int64{0}: group 0 must be in the ranges: [{1 65535}]]:
@RyanStan is there any progress on this issue?
@alemax22 Added configurable fsgroup to the security context. Please use the latest helm charts (v2.6.1)
Looks like this issue was not correctly tagged in the corresponding PR -- closing it now.