From 2f42b33462c5f8263d46982a55be8a2894fe80d5 Mon Sep 17 00:00:00 2001
From: Dusty Mabe <dusty@dustymabe.com>
Date: Wed, 14 Dec 2022 14:21:51 -0500
Subject: [PATCH] openshift-apps: add supplemental groups to
 fedora-ostree-pruner

This is similar to what we've done for coreos-ostree-importer. See
https://pagure.io/releng/issue/8811#comment-629051 for more information.
---
 .../fedora-ostree-pruner/templates/deploymentconfig.yml       | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/openshift-apps/fedora-ostree-pruner/templates/deploymentconfig.yml b/roles/openshift-apps/fedora-ostree-pruner/templates/deploymentconfig.yml
index 9fc3326522..8d736cb897 100644
--- a/roles/openshift-apps/fedora-ostree-pruner/templates/deploymentconfig.yml
+++ b/roles/openshift-apps/fedora-ostree-pruner/templates/deploymentconfig.yml
@@ -28,6 +28,10 @@ spec:
         image: ""
         imagePullPolicy: IfNotPresent
         resources: {}
+      # The files in the ostree volumes are created with group ownership of 263.
+      # We need to have 263 in our supplemental groups. See https://pagure.io/releng/issue/8811#comment-629051
+      securityContext:
+        supplementalGroups: [263]
       volumes:
       - name: fedora-ostree-content-volume
         persistentVolumeClaim: