search

microcks / microcks-operator

New Kubernetes Operator for easy setup and management of Microcks entities
https://microcks.io
Apache License 2.0
7 stars 3 forks source link

Add ability to configure MongoDB `securityContext` #58

Closed lbroudoux closed 2 weeks ago

lbroudoux commented 3 weeks ago

Reason/Context

Depending on your Kubernetes distrib and the solution you're using for persistent volumes, MongoDB can face permissions related issues when accessing to the underlying volume. See this old issue: https://github.com/microcks/microcks/issues/322

Description

We should provide the ability to override the default non-privileged, empty security context of the MongoDB pod to adapt to such cases.

Implementation ideas

The idea is to provide the ability to specify it via the CR like below:

apiVersion: microcks.io/v1alpha1
kind: Microcks
metadata:
  name: microcks
spec:
  version: nightly
  microcks:
    url: microcks.m2.minikube.local
  keycloak:
    url: keycloak.m2.minikube.local
  mongodb:
    securityContext:
      runAsUser: 999
      runAsGroup: 999
      fsGroup: 999