fix(forte-drop-pg-backup): set MC_CONFIG_DIR so mc can write its config
/ test (pull_request) Successful in 8s
/ test (pull_request) Successful in 8s
The backup CronJob runs as uid 65532 (runAsNonRoot). mc defaulted its config dir to $HOME/.mc = /.mc and failed with "mkdir /.mc: permission denied" on the non-writable root fs — every nightly run died before uploading, so there are currently no backups in s3://drops/_pgbackups/. Point MC_CONFIG_DIR at the shared /work emptyDir (writable via fsGroup). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Sten
@@ -77,6 +77,12 @@ spec:
|
|||||||
mc rm --recursive --force --older-than 30d "obj/${S3_BUCKET}/_pgbackups/" || true
|
mc rm --recursive --force --older-than 30d "obj/${S3_BUCKET}/_pgbackups/" || true
|
||||||
echo "backup retention pass complete"
|
echo "backup retention pass complete"
|
||||||
env:
|
env:
|
||||||
|
# mc writes its config under $MC_CONFIG_DIR; point it at the shared
|
||||||
|
# emptyDir (writable by uid 65532 via fsGroup). Without this it tries
|
||||||
|
# to mkdir /.mc on the read-only-to-nonroot root fs -> "mkdir /.mc:
|
||||||
|
# permission denied" and every run fails before uploading.
|
||||||
|
- name: MC_CONFIG_DIR
|
||||||
|
value: "/work/.mc"
|
||||||
- name: S3_ENDPOINT
|
- name: S3_ENDPOINT
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef: { name: forte-drop-secrets, key: S3_ENDPOINT }
|
secretKeyRef: { name: forte-drop-secrets, key: S3_ENDPOINT }
|
||||||
|
|||||||
Reference in New Issue
Block a user