kubernetes
/
git-sync
mirror of https://github.com/kubernetes/git-sync.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update ssh.md 

Adding requirement for runAsRoot and suggested configuration for defaultMode.  These are required after previous change to remove the chmod on the key.
This commit is contained in:
Steve Jernigan 2017-02-17 11:08:25 -05:00 committed by GitHub
parent cf2f9135f1
commit 20f4c73cb7
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/ssh.md
View File

@ -40,7 +40,8 @@ volumes: [
{
"name": "git-secret",
"secret": {
"secretName": "git-creds"
"secretName": "git-creds",
"defaultMode": 256
}
},
...
@ -71,6 +72,9 @@ In your git-sync container configuration, mount the Secret Volume at "/etc/git-s
},
...
],
securityContext: {
"runAsUser": 0
}
}
```
**Note:** Kubernetes mounts the Secret with permissions 0444 by default (not restrictive enough to be used as an SSH key), so make sure you use secret volume with `defaultMode: 256` (decimal number for octal 0400).
**Note:** Kubernetes mounts the Secret with permissions 0444 by default (not restrictive enough to be used as an SSH key), so make sure you use secret volume with `defaultMode: 256` (decimal number for octal 0400) and run the container as root.