Add vault folder permissions

MinBZK · Jan 28, 2025 · 9b3c0db · 9b3c0db
1 parent 46710f9
commit 9b3c0db
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 12 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -53,16 +53,16 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: "Fix formatting issues"
-          branch: prettier-fix
-          branch-suffix: short-commit-hash
-          title: "Prettier: Fix formatting issues"
-          body: |
-            Fix prettier formattin issues
+      # - name: Create Pull Request
+      #   uses: peter-evans/create-pull-request@v7
+      #   with:
+      #     token: ${{ secrets.GITHUB_TOKEN }}
+      #     commit-message: "Fix formatting issues"
+      #     branch: prettier-fix
+      #     branch-suffix: short-commit-hash
+      #     title: "Prettier: Fix formatting issues"
+      #     body: |
+      #       Fix prettier formattin issues
 
   checkov:
     name: checkov

diff --git a/base/vault/statefullset.yaml b/base/vault/statefullset.yaml
@@ -19,10 +19,20 @@ spec:
     spec:
       automountServiceAccountToken: false
       securityContext:
-        runAsNonRoot: true
         runAsGroup: 1000
-        runAsUser: 100
+        runAsUser: 1000
         fsGroup: 1000
+      initContainers:
+        - name: set-permissions
+          securityContext:
+            runAsUser: 0
+          image: busybox:1.37.0
+          command: ['sh', '-c', "chown -R 1000:1000 /vault/data", "chmod -R 750 /vault/data"]
+          volumeMounts:
+            - name: config
+              mountPath: /vault/config
+            - name: data
+              mountPath: /vault/data
       containers:
         - name: vault
           image: hashicorp/vault:1.16.1