Enable precreate subpaths property by default in templates

The property CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS is required for PVC cleanup on current versions of Kubernetes/OpenShift. Without the property enabled, subpaths are created in PVCs by Kubernetes when they are needed for pods. However, only the leaf directory created in this way has write permissions for nonroot users. As a result, the cleanup pod cannot delete directories created (e.g. the workspaceX/projects) directory. For more details, see eclipse-che#12445 Signed-off-by: Angel Misevski <amisevsk@redhat.com>
amisevsk · Jan 24, 2019 · 1b1d2ba · 1b1d2ba
1 parent c7e0919
commit 1b1d2ba
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/deploy/kubernetes/helm/che/templates/configmap.yaml b/deploy/kubernetes/helm/che/templates/configmap.yaml
@@ -53,7 +53,7 @@ data:
   CHE_INFRA_KUBERNETES_TRUST__CERTS: "false"
   CHE_INFRA_KUBERNETES_PVC_STRATEGY: "common"
   CHE_INFRA_KUBERNETES_PVC_QUANTITY: {{ .Values.global.pvcClaim }}
-  CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS: "false"
+  CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS: "true"
   CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_RUN__AS__USER: "0"
   CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_FS__GROUP: "0"
   CHE_LOCAL_CONF_DIR: /etc/conf

diff --git a/deploy/openshift/templates/che-server-template.yaml b/deploy/openshift/templates/che-server-template.yaml
@@ -300,7 +300,7 @@ parameters:
 - name: CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS
   displayName: Pre-create subpaths in PV
   description: Applied only if a common strategy is used. Required for Kubernetes versions before 1.6
-  value: 'false'
+  value: 'true'
 - name: CHE_OAUTH_GITHUB_CLIENTID
   displayName: GitHub Client ID
   description: GitHub oAuth app client ID. Applicable to Che single user only!