search

apache / solr-operator

Official Kubernetes operator for Apache Solr
https://solr.apache.org/operator
Apache License 2.0
243 stars 111 forks source link

Use correct user for chmod command in cp-solr-xml init container #520

Closed a-nych closed 1 year ago

a-nych commented 1 year ago

Resolves #519.

HoustonPutman commented 1 year ago

@a-nych I'm pushing for a v0.7.0 release soon and it would be great to get this in there. Do you have any more info for my runAsUser vs runAsGroup question?

HoustonPutman commented 1 year ago

@a-nych pinging again so that we can get this in the upcoming release

HoustonPutman commented 1 year ago

So I have a general question about this. We only specify the fsGroup by default. Do we not want to use the fsGroup provided in the custom PodSecurityContext?

We do want to use the fsGroup, since that is what is used for volumes. I am also making sure to use 8983 as the default fsGroup when a custom podSecurityContext is provided that doesn't use an fsGroup.

a-nych commented 1 year ago

Hi,

Sorry for not responding - somehow missed these notifications. I will take a thorough look at this tomorrow.

pon., 17 kwi 2023, 22:40 użytkownik Houston Putman @.***> napisał:

So I have a general question about this. We only specify the fsGroup by default https://github.com/apache/solr-operator/blob/main/controllers/util/solr_util.go#L479. Do we not want to use the fsGroup provided in the custom PodSecurityContext?

We do want to use the fsGroup, since that is what is used for volumes. I am also making sure to use 8983 as the default fsGroup when a custom podSecurityContext is provided that doesn't use an fsGroup.

— Reply to this email directly, view it on GitHub https://github.com/apache/solr-operator/pull/520#issuecomment-1512057325, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACHEM53E4JCDET5JXQ6UOCDXBWTEJANCNFSM6AAAAAAUDWCU54 . You are receiving this because you were mentioned.Message ID: @.***>

HoustonPutman commented 1 year ago

Thanks @a-nych , I'm planning on trying to cut the release by early afternoon tomorrow (EST timezone), so if you could get your review in early that'd be great!

HoustonPutman commented 1 year ago

Had to include some fixes for https://github.com/apache/solr-operator/pull/548 and https://github.com/apache/solr-operator/issues/537 since the E2E tests wouldn't work without the fixes.

This should be good to go though, it's been thoroughly tested using the E2E testing framework.