From bf6c233e267abc59c7c24260ce81f77f152491fc Mon Sep 17 00:00:00 2001 From: pieter Date: Thu, 20 Nov 2025 23:46:50 +0000 Subject: [PATCH] =?UTF-8?q?templates/deployment.yaml=20=E3=82=92=E6=9B=B4?= =?UTF-8?q?=E6=96=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- templates/deployment.yaml | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/templates/deployment.yaml b/templates/deployment.yaml index e6bf23d..0823683 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -14,6 +14,9 @@ spec: labels: {{- include "wordpress-nginx.selectorLabels" . | nindent 8 }} spec: + securityContext: + fsGroup: 82 + fsGroupChangePolicy: "OnRootMismatch" initContainers: - name: wordpress-init image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}" @@ -22,12 +25,19 @@ spec: args: - | if [ ! -f /var/www/html/wp-config.php ]; then - cp -r /usr/src/wordpress/* /var/www/html/ - chown -R www-data:www-data /var/www/html + echo "Initializing WordPress files..." + cp -rp /usr/src/wordpress/* /var/www/html/ 2>/dev/null || true + echo "WordPress files copied successfully" + else + echo "WordPress already initialized" fi volumeMounts: - name: wordpress-data mountPath: /var/www/html + securityContext: + runAsUser: 82 + runAsGroup: 82 + fsGroup: 82 containers: - name: nginx image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}" @@ -53,6 +63,9 @@ spec: - name: wordpress image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}" imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }} + securityContext: + runAsUser: 82 + runAsGroup: 82 env: - name: WORDPRESS_DB_HOST value: {{ .Values.wordpress.dbHost | quote }}