Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
2
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Estimated Difficulty:
Medium
GSS Priority:
Target Release:

AMQ 7.14.0.GA
Upstream Jira:
https://github.com/arkmq-org/activemq-artemis-operator/issues/1259 https://github.com/arkmq-org/activemq-artemis-operator/issues/1266 https://github.com/arkmq-org/activemq-artemis-operator/issues/1267
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

In order for set readOnlyRootFilesystem=true, according to
https://github.com/arkmq-org/activemq-artemis-operator/discussions/1014

spec.deploymentPlan.containerSecurityContext + extraVolumeMounts

However, the extraVolumeMounts are not applied to initContainers.

This leads to two problems:
1. initcontainer can't be configured to readOnlyRootFilesystem=true
2. a semi workaround is to set the broker container readOnlyRootFilesystem=true by using

   spec:
      resourceTemplates:
        - selector:
            kind: "StatefulSet"
          patch:
            kind: "StatefulSet"
            spec:
              template:
                spec:
                  containers:
                    - name: "broker-container"
                      securityContext: 
                        readOnlyRootFilesystem: true

Assignee:: Domenico Francesco Bruscino

Reporter:: Roger Hui

Votes:: 1 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2025/11/05 9:05 AM

Updated:: 2025/11/20 9:09 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates