mirrormanager: try adding ftpsync as supplementary group

Right now mirrormanage isn't able to update mirrorlists because we have a pre bitflip release thats not open to it. It gets a perm denied and just crashes. We use this pattern already in coreos where they have to deal with ftpsync owned content (although it's writing there, not reading). See: https://github.com/fedora-infra/mirrormanager2/issues/407 Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-10-26 11:33:48 -07:00 · 2024-10-26 11:33:48 -07:00 · 469dbff21b
commit 469dbff21b
parent 912cac3238
1 changed files with 2 additions and 0 deletions
--- a/roles/openshift-apps/mirrormanager/templates/deploymentconfig.yml
+++ b/roles/openshift-apps/mirrormanager/templates/deploymentconfig.yml
@ -59,6 +59,8 @@ spec:
            - name: secrets
              mountPath: "/etc/mirrormanager-secrets"
              readOnly: true
+      securityContext:
+        supplementalGroups: [263]

      volumes:
        {{ common_volumes() }}