charts icon indicating copy to clipboard operation
charts copied to clipboard
verified publisher icon streamnative

feat: add vault non-root support

Open urfreespace opened this issue 3 years ago • 3 comments

https://github.com/streamnative/charts/issues/840

Add vault non-root user vault (100:1000) support

vault:
  replicaCount: 1
  securityContext:  
    runAsUser: 100
    runAsGroup: 1000
    supplementalGroups: [100]
    fsGroup: 1000

images:
  vault_init:
    repository: urfreespace/pulsar_vault_init
    tag: "non-root-4"

Documentation

Check the box below.

Need to update docs?

  • [ ] doc-required

    (If you need help on updating docs, create a doc issue)

  • [x] no-need-doc

    (Please explain why)

  • [ ] doc

    (If this PR contains doc changes)

urfreespace avatar Aug 18 '22 11:08 urfreespace

Our vault-init image is based on the office vault image, and just added kubectl in, for now, it can meet the requirement

urfreespace avatar Aug 19 '22 01:08 urfreespace

Our vault-init image is based on the office vault image, and just added kubectl in, for now, it can meet the requirement

What does the kubectl inside this vault image used for? @urfreespace

maxsxu avatar Aug 24 '22 03:08 maxsxu

Our vault-init image is based on the office vault image, and just added kubectl in, for now, it can meet the requirement

What does the kubectl inside this vault image used for? @urfreespace

manage the relationship between vault super-token and the secret, I think, maybe @tuteng could know more

urfreespace avatar Aug 25 '22 05:08 urfreespace

@fantapsody PTAL

tuteng avatar Sep 09 '22 03:09 tuteng