Skip to content
This repository has been archived by the owner on May 3, 2022. It is now read-only.

Commit

Permalink
Run as user node
Browse files Browse the repository at this point in the history
  • Loading branch information
@adamkingit
adamkingit committed Aug 3, 2020
1 parent 30f4911 commit 3823aa4
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 3 deletions.
5 changes: 5 additions & 0 deletions build/process-template.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,11 @@ export TRAVIS_COMMIT
GIT_REMOTE="$(git remote get-url origin)"
export GIT_REMOTE

NODE_USER_ID="$(docker run -it node:lts-alpine /usr/bin/id -u node | tr -d '\r' | tr -d '\n')"
export NODE_USER_ID
NODE_GROUP_ID="$(docker run -it node:lts-alpine /usr/bin/id -g node | tr -d '\r' | tr -d '\n')"
export NODE_GROUP_ID

envsubst <"${THIS_DIR}/viewTemplate.json" >/tmp/view.json

npx mustache /tmp/view.json "${FILE}"
4 changes: 3 additions & 1 deletion build/viewTemplate.json
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
{
"TRAVIS_COMMIT": "${TRAVIS_COMMIT}",
"TRAVIS_TAG": "${TRAVIS_TAG}",
"GIT_REMOTE": "${GIT_REMOTE}"
"GIT_REMOTE": "${GIT_REMOTE}",
"NODE_USER_ID": "${NODE_USER_ID}",
"NODE_GROUP_ID": "${NODE_GROUP_ID}"
}
14 changes: 12 additions & 2 deletions kubernetes/ManagedSet/resource.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,19 @@ kind: List
metadata:
name: managedset-controller-list
annotations:
version: "{{TRAVIS_COMMIT}}"
razee.io/git-repo: "{{{GIT_REMOTE}}}"
razee.io/commit-sha: "{{{TRAVIS_COMMIT}}}"
version: "{{{TRAVIS_COMMIT}}}"
type: array
items:
- apiVersion: apps/v1
kind: Deployment
metadata:
name: managedset-controller
annotations:
razee.io/git-repo: "{{{GIT_REMOTE}}}"
razee.io/commit-sha: "{{{TRAVIS_COMMIT}}}"
version: "{{{TRAVIS_COMMIT}}}"
labels:
razee/watch-resource: "lite"
spec:
Expand All @@ -27,8 +33,12 @@ items:
name: managedset-controller
spec:
serviceAccountName: razeedeploy-sa
securityContext:
runAsUser: {{{NODE_USER_ID}}}
runAsGroup: {{{NODE_GROUP_ID}}}
fsGroup: {{{NODE_GROUP_ID}}}
containers:
- image: "quay.io/razee/managedset:{{TRAVIS_TAG}}"
- image: "quay.io/razee/managedset:{{{TRAVIS_TAG}}}"
resources:
limits:
memory: 200Mi
Expand Down

0 comments on commit 3823aa4

Please sign in to comment.