From c5ed6c9a5282fac078fc5b480d948d15b8e29070 Mon Sep 17 00:00:00 2001
From: zimbatm <zimbatm@zimbatm.com>
Date: Sun, 3 Nov 2019 11:55:36 +0100
Subject: [PATCH] spilo_fsgroup: set to 103 by default

---
 charts/postgres-operator/values-crd.yaml                 | 3 +--
 charts/postgres-operator/values.yaml                     | 2 +-
 manifests/configmap.yaml                                 | 1 +
 manifests/postgresql-operator-default-configuration.yaml | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/charts/postgres-operator/values-crd.yaml b/charts/postgres-operator/values-crd.yaml
index 06a5b483f..1222a2db9 100644
--- a/charts/postgres-operator/values-crd.yaml
+++ b/charts/postgres-operator/values-crd.yaml
@@ -95,8 +95,7 @@ configKubernetes:
   # template for database user secrets generated by the operator
   secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
   # group ID with write-access to volumes (required to run Spilo as non-root process)
-  # spilo_fsgroup: 103
-
+  spilo_fsgroup: 103
   # whether the Spilo container should run in privileged mode
   spilo_privileged: false
   # operator watches for postgres objects in the given namespace
diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml
index 2c499a036..b8514cd79 100644
--- a/charts/postgres-operator/values.yaml
+++ b/charts/postgres-operator/values.yaml
@@ -91,7 +91,7 @@ configKubernetes:
   # template for database user secrets generated by the operator
   secret_name_template: '{username}.{cluster}.credentials'
   # group ID with write-access to volumes (required to run Spilo as non-root process)
-  # spilo_fsgroup: "103"
+  spilo_fsgroup: "103"
 
   # whether the Spilo container should run in privileged mode
   spilo_privileged: "false"
diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml
index c64e45cbd..99b64e3ed 100644
--- a/manifests/configmap.yaml
+++ b/manifests/configmap.yaml
@@ -69,6 +69,7 @@ data:
   secret_name_template: "{username}.{cluster}.credentials"
   # sidecar_docker_images: ""
   # set_memory_request_to_limit: "false"
+  spilo_fsgroup: "103"
   spilo_privileged: "false"
   super_username: postgres
   # team_admin_role: "admin"
diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml
index e1ecd1038..7933835b5 100644
--- a/manifests/postgresql-operator-default-configuration.yaml
+++ b/manifests/postgresql-operator-default-configuration.yaml
@@ -41,7 +41,7 @@ configuration:
     pod_service_account_name: operator
     pod_terminate_grace_period: 5m
     secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
-    # spilo_fsgroup: 103
+    spilo_fsgroup: 103
     spilo_privileged: false
     # toleration: {}
     # watched_namespace:""