argo workflow执行下载代码权限问题

spec:
      volumeMounts:
      - name: git-secret
        mountPath: /root/.ssh/id_ed25519
        subPath: git-secret
  volumes:
  - name: git-secret
    secret:
      secretName: git-secret
      items:
      - key: git-secret
        path: git-secret

+ git clone ssh://git@<gitlab-url>:2222/test.git -b master
Cloning into 'manifest'...
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/root/.ssh/id_ed25519' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/root/.ssh/id_ed25519": bad permissions
git@<gitlab-url>: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

默认权限是644 要改为600

  volumes:
  - name: git-secret
    secret:
      secretName: git-secret
      items:
      - key: git-secret
        path: git-secret
      defaultMode: 0600

https://kubernetes.io/zh-cn/docs/tasks/inject-data-application/distribute-credentials-secure/#%E4%B8%BA-secret-%E9%94%AE%E8%AE%BE%E7%BD%AE-posix-%E6%9D%83%E9%99%90

©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容