From fc0aee048c2a5c5f085d2a735fe1e425ec9e2ba9 Mon Sep 17 00:00:00 2001
From: Chris Bandy <chris.bandy@crunchydata.com>
Date: Thu, 3 Oct 2024 09:34:17 -0500
Subject: [PATCH] Keep pgAdmin configuration writable

The init container should have permission to write and replace these
files. Kubernetes ensures the application container cannot write to
them.

Issue: PGO-1280
---
 internal/controller/standalone_pgadmin/pod.go      | 11 +++++------
 internal/controller/standalone_pgadmin/pod_test.go |  8 ++++----
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/internal/controller/standalone_pgadmin/pod.go b/internal/controller/standalone_pgadmin/pod.go
index c7ebe5a00..26327801b 100644
--- a/internal/controller/standalone_pgadmin/pod.go
+++ b/internal/controller/standalone_pgadmin/pod.go
@@ -430,12 +430,11 @@ with open('` + configMountPath + `/` + gunicornConfigFilePath + `') as _f:
 
 	script := strings.Join([]string{
 		// Use the initContainer to create this path to avoid the error noted here:
-		// - https://github.com/kubernetes/kubernetes/issues/121294
-		`mkdir -p /etc/pgadmin/conf.d`,
-		// Write the system configuration into a read-only file.
-		`(umask a-w && echo "$1" > ` + scriptMountPath + `/config_system.py` + `)`,
-		// Write the server configuration into a read-only file.
-		`(umask a-w && echo "$2" > ` + scriptMountPath + `/gunicorn_config.py` + `)`,
+		// - https://issue.k8s.io/121294
+		`mkdir -p ` + configMountPath,
+		// Write the system and server configurations.
+		`echo "$1" > ` + scriptMountPath + `/config_system.py`,
+		`echo "$2" > ` + scriptMountPath + `/gunicorn_config.py`,
 	}, "\n")
 
 	return append([]string{"bash", "-ceu", "--", script, "startup"}, args...)
diff --git a/internal/controller/standalone_pgadmin/pod_test.go b/internal/controller/standalone_pgadmin/pod_test.go
index 50e6d04d1..19cee5288 100644
--- a/internal/controller/standalone_pgadmin/pod_test.go
+++ b/internal/controller/standalone_pgadmin/pod_test.go
@@ -139,8 +139,8 @@ initContainers:
   - --
   - |-
     mkdir -p /etc/pgadmin/conf.d
-    (umask a-w && echo "$1" > /etc/pgadmin/config_system.py)
-    (umask a-w && echo "$2" > /etc/pgadmin/gunicorn_config.py)
+    echo "$1" > /etc/pgadmin/config_system.py
+    echo "$2" > /etc/pgadmin/gunicorn_config.py
   - startup
   - |
     import glob, json, re, os
@@ -328,8 +328,8 @@ initContainers:
   - --
   - |-
     mkdir -p /etc/pgadmin/conf.d
-    (umask a-w && echo "$1" > /etc/pgadmin/config_system.py)
-    (umask a-w && echo "$2" > /etc/pgadmin/gunicorn_config.py)
+    echo "$1" > /etc/pgadmin/config_system.py
+    echo "$2" > /etc/pgadmin/gunicorn_config.py
   - startup
   - |
     import glob, json, re, os