Concourse currently requires to run as root in kubernetes, this boils down to defaultMode being forced on via the helm template, as if you change the uid/gid to anything other than 0:0 (root) it cannot be read.
Changes proposed in this pull request
Remove defaultMode from the web deployment to allow Concourse to run in a secure way in kubernetes
Contributor Checklist
[X] Variables are documented in the README.md
[X] Which branch are you merging into?
master is for changes related to the current release of the concourse/concourse:latest image and should be good to publish immediately
dev is for changes related to the next release of Concourse (aka unpublished code on master in concourse/concourse)
Reviewer Checklist
This section is intended for the core maintainers only, to track review progress. Please do not
fill out this section.
[ ] Code reviewed
[ ] Topgun tests run
[ ] Back-port if needed
[ ] Is the correct branch targeted? (master or dev)
Existing Issue
None currently
Why do we need this PR?
Concourse currently requires to run as root in kubernetes, this boils down to
defaultModebeing forced on via the helm template, as if you change the uid/gid to anything other than 0:0 (root) it cannot be read.Changes proposed in this pull request
defaultModefrom the web deployment to allow Concourse to run in a secure way in kubernetesContributor Checklist
README.mdmasteris for changes related to the current release of theconcourse/concourse:latestimage and should be good to publish immediatelydevis for changes related to the next release of Concourse (aka unpublished code onmasterin concourse/concourse)Reviewer Checklist