readOnlyRootFilesystem to true in Kubernetes #7330
Comments
|
also looking for a solution to this 👍 |
|
Hey, is there any solution for this? |
|
Working fine. |
|
Hello, will you release an image soon ? |
|
@albundy83 |
|
@yogeshmahajan-1903 good to know, I'm going to try this out in the next days and provide feedback. |
|
Hello, I have set it to If you really need to not override the file each time we start pgadmin container (but maybe it's not a good idea anymore), we could convert the line to this: if [ ! -e "${CONFIG_DISTRO_FILE_PATH}" ] || [ "$(wc -m "${CONFIG_DISTRO_FILE_PATH}" 2>/dev/null | awk '{ print $1 }')" = "0" ]; then |
|
@albundy83, The fix looks good to me. you can raise the PR for the same. |
|
Hello, @khushboovashi here the PR #8258 |
Describe the solution you'd like
Hello,
it will be nice that files that are updated by
entrypoint.shfile be written to a dedicated empty folder.At least file
/pgadmin4/config_distro.py.For moment, we can't use an
emptyDirorpersistentVolumeClaimas there are many files in/pgadmin4folder.I will be a nice step to achieve a more secure pgadmin4 Deployment by being capable to set
readOnlyRootFilesystemto true.A clear and concise description of what you want to happen.
Describe alternatives you've considered
Generate my self the
/pgadmin4/config_distro.pyas ConfigMap or Secret and mount it but we should be able to disable generation.Specify a custom path for
/pgadmin4/config_distro.pywith ENV var.A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: