Set 600 file permissons to mounted SSH keys (#14791)

In order to avoid UNPROTECTED PRIVATE KEY FILE Error while ssh operations, set 600 file permissions level to all mounted SSH keys.
eclipse-che · Oct 9, 2019 · fa762ff · fa762ff
1 parent 9370bbb
commit fa762ff
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/.../org/eclipse/che/workspace/infrastructure/kubernetes/provision/VcsSshKeysProvisioner.java b/.../org/eclipse/che/workspace/infrastructure/kubernetes/provision/VcsSshKeysProvisioner.java
@@ -160,7 +160,11 @@ private void mountSshKeySecret(String secretName, String sshKeyName, PodSpec pod
         .add(
             new VolumeBuilder()
                 .withName(secretName)
-                .withSecret(new SecretVolumeSourceBuilder().withSecretName(secretName).build())
+                .withSecret(
+                    new SecretVolumeSourceBuilder()
+                        .withSecretName(secretName)
+                        .withDefaultMode(0600)
+                        .build())
                 .build());
     List<Container> containers = podSpec.getContainers();
     containers.forEach(