helm-charts
helm-charts copied to clipboard
gitconfig secret postStart hook fails due to chown operation
We're currently running atlantis as non-root in an openshift cluster and setting either of:
# gitconfig: |
# gitconfigSecretName: 'atlantis-git-config'
causes container startup to fail with chown: /home/atlantis/.gitconfig: Operation not permitted , message: "chown: /home/atlantis/.gitconfig: Operation not permitted
I was able to work around by mounting directly with an external secret (shown below), but is there any reason git-config can't use the same mount pattern as aws-credentials? I didn't anything related to this in the docs so I was just following the chart comments
extraVolumes:
- name: gitconfig-volume
secret:
secretName: atlantis-git-config
items:
- key: gitconfig
path: .gitconfig
# Optionally specify additional volume mounts for the container.
# extraVolumeMounts: []
extraVolumeMounts:
- name: gitconfig-volume
mountPath: "/home/atlantis/.gitconfig"
subPath: .gitconfig
readOnly: true