From 58c68a8b4257974e9e667619532a5516a49bc67d Mon Sep 17 00:00:00 2001
From: Berry den Hartog <38954346+berrydenhartog@users.noreply.github.com>
Date: Tue, 28 Jan 2025 09:20:07 +0100
Subject: [PATCH] Add vault folder permissions

---
 base/vault/statefullset.yaml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/base/vault/statefullset.yaml b/base/vault/statefullset.yaml
index 1b7ace9..3ecd896 100644
--- a/base/vault/statefullset.yaml
+++ b/base/vault/statefullset.yaml
@@ -21,8 +21,19 @@ spec:
       securityContext:
         runAsNonRoot: true
         runAsGroup: 1000
-        runAsUser: 100
+        runAsUser: 1000
         fsGroup: 1000
+      initContainers:
+        - name: set-permissions
+          securityContext:
+            runAsUser: 0
+          image: busybox:1.37.0
+          command: ['sh', '-c', "chown -R 1000:1000 /vault/data", "chmod -R 750 /vault/data"]
+          volumeMounts:
+            - name: config
+              mountPath: /vault/config
+            - name: data
+              mountPath: /vault/data
       containers:
         - name: vault
           image: hashicorp/vault:1.16.1