fix

apps/dbgate/configs.tf

@@ -51,6 +51,26 @@ locals {
   connection_secrets = merge(local.pg_secrets,local.mongo_secrets)
 }
 
+
+resource "kubectl_manifest" "dbgate-init" {
+  yaml_body  = <<-EOF
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: "${var.component}-${var.instance}-init"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+    data:
+      start.sh: |-
+        cp /etc/local-ca/ca.crt /usr/local/share/ca-certificates/
+        /usr/sbin/update-ca-certificates
+        /bin/su - node -c /entrypoint.sh "$@"
+        sleep infinity
+  EOF
+}
+
+
+
 resource "kubectl_manifest" "dbgate-config" {
   yaml_body  = <<-EOF
     apiVersion: v1

apps/dbgate/deploy.tf

@@ -22,8 +22,7 @@ resource "kubectl_manifest" "deploy" {
             securityContext:
               fsGroup: 1000
               runAsGroup: 1000
-              runAsNonRoot: true
-              runAsUser: 1000
+              runAsUser: 0
             envFrom:
             - secretRef:
                 name: "${var.component}-${var.instance}"
@@ -42,6 +41,8 @@ resource "kubectl_manifest" "deploy" {
                 secretKeyRef:
                   name: "${var.component}-${var.instance}-secret"
                   key: client-secret
+            command:
+            - /start.sh
             image: "${var.images.dbgate.registry}/${var.images.dbgate.repository}:${var.images.dbgate.tag}"
             imagePullPolicy: "${var.images.dbgate.pullPolicy}"
             ports:
@@ -72,6 +73,9 @@ resource "kubectl_manifest" "deploy" {
               readOnly: true
             - name: data
               mountPath: /home/node/.dbgate
+            - name: init
+              mountPath: "/start.sh"
+              subPath: "start.sh"
           restartPolicy: Always
           securityContext:
             fsGroup: 1000
@@ -88,5 +92,9 @@ resource "kubectl_manifest" "deploy" {
               claimName: "${var.component}-${var.instance}"
           - name: run
             emptyDir: {}
+          - name: init
+            configMap:
+              name: "${var.component}-${var.instance}-init"
+              defaultMode: 0777
   EOF
 }

apps/dbgate/index.yaml

@@ -6,38 +6,6 @@ metadata:
   name: dbgate
   description: null
 options:
-  sub-domain:
-    default: dbgate
-    examples:
-    - dbgate
-    type: string
-  storage:
-    default:
-      accessMode: ReadWriteOnce
-      size: 1Gi
-      type: Filesystem
-    examples:
-    - accessMode: ReadWriteOnce
-      size: 1Gi
-      type: Filesystem
-    properties:
-      accessMode:
-        default: ReadWriteOnce
-        enum:
-        - ReadWriteOnce
-        - ReadOnlyMany
-        - ReadWriteMany
-        type: string
-      size:
-        default: 1Gi
-        type: string
-      type:
-        default: Filesystem
-        enum:
-        - Filesystem
-        - Block
-        type: string
-    type: object
   maria:
     default: []
     examples:
@@ -67,60 +35,16 @@ options:
           type: string
       type: object
     type: array
-  mongo:
-    default: []
+  app-group:
+    default: dev
     examples:
-    - []
-    items:
-      properties:
-        dbname:
-          default: ''
-          type: string
-        name:
-          default: ''
-          type: string
-        namespace:
-          default: ''
-          type: string
-        secret:
-          properties:
-            key:
-              default: ''
-              type: string
-            name:
-              default: ''
-              type: string
-          type: object
-        username:
-          default: ''
-          type: string
-      type: object
-    type: array
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
-  domain-name:
-    default: your_company.com
-    examples:
-    - your_company.com
+    - dev
     type: string
   domain:
     default: your-company
     examples:
     - your-company
     type: string
-  ingress-class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
-  app-group:
-    default: dev
-    examples:
-    - dev
-    type: string
   images:
     default:
       dbgate:
@@ -189,6 +113,82 @@ options:
           type: string
       type: object
     type: array
+  sub-domain:
+    default: dbgate
+    examples:
+    - dbgate
+    type: string
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  mongo:
+    default: []
+    examples:
+    - []
+    items:
+      properties:
+        dbname:
+          default: ''
+          type: string
+        name:
+          default: ''
+          type: string
+        namespace:
+          default: ''
+          type: string
+        secret:
+          properties:
+            key:
+              default: ''
+              type: string
+            name:
+              default: ''
+              type: string
+          type: object
+        username:
+          default: ''
+          type: string
+      type: object
+    type: array
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  storage:
+    default:
+      accessMode: ReadWriteOnce
+      size: 1Gi
+      type: Filesystem
+    examples:
+    - accessMode: ReadWriteOnce
+      size: 1Gi
+      type: Filesystem
+    properties:
+      accessMode:
+        default: ReadWriteOnce
+        enum:
+        - ReadWriteOnce
+        - ReadOnlyMany
+        - ReadWriteMany
+        type: string
+      size:
+        default: 1Gi
+        type: string
+      type:
+        default: Filesystem
+        enum:
+        - Filesystem
+        - Block
+        type: string
+    type: object
 dependencies:
 - dist: null
   category: share