diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 6533fc9..1bfa2f7 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -30,12 +30,26 @@ spec: securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: - - name: init-php-fpm + - name: copy-phpmyadmin image: "{{ .Values.image.phpmyadmin.registry }}/{{ .Values.image.phpmyadmin.repository }}:{{ .Values.image.phpmyadmin.tag }}" imagePullPolicy: {{ .Values.image.phpmyadmin.pullPolicy }} - command: ['sh', '-c', 'echo "PHP-FPM init container completed"'] + command: + - sh + - -c + - | + echo "Copying phpMyAdmin files to shared volume..." + cp -rp /var/www/html/. /tmp/phpmyadmin/ + echo "Copy completed successfully" securityContext: - {{- toYaml .Values.securityContext.phpmyadmin | nindent 10 }} + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsNonRoot: true + runAsUser: 82 + volumeMounts: + - name: phpmyadmin-data + mountPath: /tmp/phpmyadmin containers: - name: nginx securityContext: @@ -79,7 +93,6 @@ spec: mountPath: /var/run - name: phpmyadmin-data mountPath: /var/www/html - readOnly: true - name: phpmyadmin securityContext: {{- toYaml .Values.securityContext.phpmyadmin | nindent 10 }} @@ -134,6 +147,10 @@ spec: volumeMounts: - name: phpmyadmin-data mountPath: /var/www/html + - name: phpmyadmin-config + mountPath: /etc/phpmyadmin/config.user.inc.php + subPath: config.inc.php + readOnly: true {{- if .Values.persistence.enabled }} - name: sessions mountPath: /sessions @@ -153,6 +170,12 @@ spec: items: - key: default.conf path: default.conf + - name: phpmyadmin-config + configMap: + name: {{ include "phpmyadmin-nginx.fullname" . }} + items: + - key: config.inc.php + path: config.inc.php - name: nginx-cache emptyDir: {} - name: nginx-run