From 530d05bc85a317a9d73f3f79c1694414a4fa98c7 Mon Sep 17 00:00:00 2001 From: Pavan Navarathna <6504783+pavannd1@users.noreply.github.com> Date: Mon, 18 Mar 2024 15:07:37 -0700 Subject: [PATCH] Update filesystem permissions in PostgreSQL app (#2760) * Update filesystem permissions in postgresql app * Run gofmt on the file --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- pkg/app/postgresql.go | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/pkg/app/postgresql.go b/pkg/app/postgresql.go index 4a7f612910..97d70043c5 100644 --- a/pkg/app/postgresql.go +++ b/pkg/app/postgresql.go @@ -50,15 +50,17 @@ func NewPostgresDB(name string, subPath string) App { RepoURL: helm.BitnamiRepoURL, Chart: "postgresql", Values: map[string]string{ - "image.pullPolicy": "Always", - "auth.postgresPassword": "test@54321", - "volumePermissions.enabled": "true", - "persistence.subPath": subPath, - "primary.networkPolicy.enabled": "false", - "primary.containerSecurityContext.seccompProfile.type": "Unconfined", - "primary.containerSecurityContext.capabilities.add[0]": "CHOWN", - "primary.containerSecurityContext.capabilities.add[1]": "FOWNER", - "primary.containerSecurityContext.capabilities.add[2]": "DAC_OVERRIDE", + "image.pullPolicy": "Always", + "auth.postgresPassword": "test@54321", + "persistence.subPath": subPath, + // The following values are customized to allow snapshot/restore operations. + "volumePermissions.enabled": "true", + "primary.networkPolicy.enabled": "false", + "primary.containerSecurityContext.seccompProfile.type": "Unconfined", + "primary.containerSecurityContext.capabilities.add[0]": "CHOWN", + "primary.containerSecurityContext.capabilities.add[1]": "FOWNER", + "primary.containerSecurityContext.capabilities.add[2]": "DAC_OVERRIDE", + "primary.containerSecurityContext.readOnlyRootFilesystem": "false", }, }, }