Tero Saarni 96306f144a Set permissions on volume before publishing update ...

This change fixes a race condition that was caused by setting the file owner,
group and mode non-atomically, after the updated files had been published.

Users who were running non-root containers, without GID 0 permissions, and
had removed read permissions from other users by setting defaultMode: 0440 or
similar, were getting intermittent permission denied errors when accessing
files on secret or configmap volumes or service account tokens on projected
volumes during update.

2022-12-24 07:59:41 +02:00

..

configmap_test.go

various corrections in pkg/volume

2022-09-16 16:42:06 +05:30

configmap.go

Set permissions on volume before publishing update

2022-12-24 07:59:41 +02:00

doc.go

…

OWNERS

OWNERS cleanup - Jan 2021 Week 1

2022-01-10 08:14:29 -05:00