'Permission denied on Kubernetes InitContainer while running command
I'm trying to add a certificate bundle to an existing certificate bundle file in a container. But I'm getting the error permission denied. I'm aware this is due to the PSP my company has initialised. It's not possible to run this container as root. Is there another way to add something to an existing file bypassing the permission issue?
This is a part of my values.yml file for the Nexus Helm chart:
initContainers:
- name: ca-store
image: ******/docker.io/library/busybox:1.34.1
volumeMounts:
- name: ca-store
mountPath: /usr/local/share/ca-certificates/tls-ca-bundle.crt
subPath: tls-ca-bundle.crt
readOnly: true
# command: ['/bin/sh', '-c', 'cd /etc/ssl/certs && ls -lhrt']
command: ['/bin/sh', '-c', 'cat /usr/local/share/ca-certificates/tls-ca-bundle.crt >> /etc/ssl/certs/ca-certificates.crt']
postStart:
command: # '["/bin/sh", "-c", "cat /usr/local/share/ca-certificates/tls-ca-bundle.crt >> /etc/ssl/certs/ca-certificates.crt"]'
preStart:
command: # '["/bin/rm", "-f", "/path/to/lockfile"]'
additionalVolumes:
- name: ca-store
configMap:
name: ca-store
additionalVolumeMounts:
# - name: ca-store
# mountPath: /usr/local/share/ca-certificates/tls-ca-bundle.crt
# subPath: tls-ca-bundle.crt
# readOnly: true
So anybody ideas?
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|