fix

2023-10-15 18:27:52 +02:00
parent 1a9e136a39
commit d0cccb5177
2 changed files with 76 additions and 78 deletions
--- a/apps/dbgate/deploy.tf
+++ b/apps/dbgate/deploy.tf
@@ -17,11 +17,6 @@ resource "kubectl_manifest" "deploy" {
          securityContext:
            fsGroup: 1000
            runAsGroup: 1000
-          volumes:
-          - name: certs
-            secret:
-              secretName: "${var.instance}-cert"
-              defaultMode: 0444
          containers:
          - name: dbgate
            securityContext:
@@ -29,10 +24,6 @@ resource "kubectl_manifest" "deploy" {
              runAsGroup: 1000
              runAsNonRoot: true
              runAsUser: 1000
-            volumeMounts:
-            - name: certs
-              mountPath: /etc/local-ca
-              readOnly: true
            envFrom:
            - secretRef:
                name: "${var.component}-${var.instance}"
@@ -76,6 +67,9 @@ resource "kubectl_manifest" "deploy" {
              successThreshold: 1
              timeoutSeconds: 1
            volumeMounts:
+            - name: certs
+              mountPath: /etc/local-ca
+              readOnly: true
            - name: data
              mountPath: /home/node/.dbgate
          restartPolicy: Always
@@ -85,6 +79,10 @@ resource "kubectl_manifest" "deploy" {
            runAsNonRoot: true
            runAsUser: 1000
          volumes:
+          - name: certs
+            secret:
+              secretName: "${var.instance}-cert"
+              defaultMode: 0444
          - name: data
            persistentVolumeClaim:
              claimName: "${var.component}-${var.instance}"