File tree Expand file tree Collapse file tree 2 files changed +7
-0
lines changed Expand file tree Collapse file tree 2 files changed +7
-0
lines changed Original file line number Diff line number Diff line change @@ -193,13 +193,19 @@ configKubernetes:
193193 secret_name_template : " {username}.{cluster}.credentials.{tprkind}.{tprgroup}"
194194 # sharing unix socket of PostgreSQL (`pg_socket`) with the sidecars
195195 share_pgsocket_with_sidecars : false
196+
196197 # set user and group for the spilo container (required to run Spilo as non-root process)
197198 # spilo_runasuser: 101
198199 # spilo_runasgroup: 103
199200
200201 # group ID with write-access to volumes (required to run Spilo as non-root process)
201202 # spilo_fsgroup: 103
202203
204+ # Configure volume permission and the ownership change policy for Pods
205+ # Valid options are undefined, OnRootMismatch, Always
206+ # See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#configure-volume-permission-and-ownership-change-policy-for-pods
207+ # pod_fs_group_change_policy: OnRootMismatch
208+
203209 # whether the Spilo container should run in privileged mode
204210 spilo_privileged : false
205211 # whether the Spilo container should run with additional permissions other than parent.
Original file line number Diff line number Diff line change @@ -151,6 +151,7 @@ data:
151151 # spilo_runasuser: 101
152152 # spilo_runasgroup: 103
153153 # spilo_fsgroup: 103
154+ # pod_fs_group_change_policy: OnRootMismatch
154155 spilo_privileged : " false"
155156 storage_resize_mode : " pvc"
156157 super_username : postgres
You can’t perform that action at this time.
0 commit comments