Gitiles
Code Review Sign In
osm.etsi.org / osm / devops / 78c1cb4a99c2054187abe77eb7e15b67561bbd18^! / . / installers / docker / osm_pods / pol.yaml
commit78c1cb4a99c2054187abe77eb7e15b67561bbd18[log] [tgz]
authorsousaedu <eduardo.sousa@canonical.com>Thu Oct 14 15:16:59 2021 +0100
committerbeierlm <mark.beierl@canonical.com>Fri Feb 11 14:53:31 2022 +0100
treef6eda93e73e378c5b14ce682949d6d8040ca3cb9
parent46192482de2a210a701154687dbf2e1588852433 [diff] [blame]
Fix bug 1707 - Adding non-root user to run POL

Change-Id: I4b3df48e7c277de7ccd91b4a017577942ec4926f
Signed-off-by: sousaedu <eduardo.sousa@canonical.com>
(cherry picked from commit ce5d704ed7b2ea168d0a5d74e6d3558d5a262f3a)

diff --git a/installers/docker/osm_pods/pol.yaml b/installers/docker/osm_pods/pol.yaml
index 7f14225..5f562c2 100644
--- a/installers/docker/osm_pods/pol.yaml
+++ b/installers/docker/osm_pods/pol.yaml

@@ -30,6 +30,10 @@
       labels:
         app: pol
     spec:
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 1000
+        fsGroup: 1000
       initContainers:
       - name: kafka-mongo-test
         image: alpine:latest
@@ -47,10 +51,3 @@
         envFrom:
         - secretRef:
              name: pol-secret
-        volumeMounts:
-        - name: db
-          mountPath: /app/database
-      volumes:
-      - name: db
-        hostPath:
-         path: /var/lib/osm/osm_pol_db/_data