helm-charts

gitconfig secret postStart hook fails due to chown operation

Open gtg3vv opened this issue 2 years ago • 0 comments

We're currently running Atlantis as non-root in an OpenShift cluster, and setting either of:

# gitconfig: |
# gitconfigSecretName: 'atlantis-git-config'

causes container startup to fail with chown: /home/atlantis/.gitconfig: Operation not permitted , message: "chown: /home/atlantis/.gitconfig: Operation not permitted

I was able to work around this by mounting directly with an external secret (shown below), but is there any reason git-config can't use the same mount pattern as aws-credentials? I didn't see anything related to this in the docs, so I was just following the chart comments.

extraVolumes:
  - name: gitconfig-volume
    secret:
      secretName: atlantis-git-config
      items:
      - key: gitconfig
        path: .gitconfig

# Optionally specify additional volume mounts for the container.
# extraVolumeMounts: []
extraVolumeMounts:
  - name: gitconfig-volume
    mountPath: "/home/atlantis/.gitconfig"
    subPath: .gitconfig
    readOnly: true

gtg3vv, Dec 07 '21 13:12
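
An added example, not taken from the issue or from the chart's own hook: a hypothetical helper that installs a git config from a mounted secret and only calls chown when the process is root, so a non-root container does not fail on it. The function name, its arguments and the paths are assumptions.

```shell
#!/bin/sh
# Hypothetical helper (assumption), not the chart's actual postStart hook.
# Installs a git config copied from a mounted secret without requiring
# CAP_CHOWN, so it also works under an arbitrary non-root UID.

install_gitconfig() {
    src=$1      # file projected from the secret (assumed path)
    dest=$2     # e.g. /home/atlantis/.gitconfig
    owner=$3    # desired owner; only applied when running as root

    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }

    # Create the copy with a restrictive mode, since a git config can
    # carry credential helper settings or tokens.
    ( umask 077 && cp "$src" "$dest" ) || return 1
    chmod 600 "$dest" || return 1

    # Changing ownership to another user needs root. A non-root process
    # already owns the file it just created, so skip the call instead of
    # failing the hook (and with it the container start).
    if [ "$(id -u)" -eq 0 ] && [ -n "$owner" ]; then
        chown "$owner" "$dest" || return 1
    fi
    return 0
}
```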