camper42 opened a new issue, #61062:
URL: https://github.com/apache/airflow/issues/61062
### Official Helm Chart version
1.18.0 (latest released)
### Apache Airflow version
3.16
### Kubernetes Version
v1.32.2
### Helm Chart configuration
```yaml
securityContexts:
pod:
runAsUser: 5042
fsGroup: 0
runAsGroup: 0
VolumeMounts:
- name: passwd
mountPath: /etc/passwd
readOnly: true
- name: group
mountPath: /etc/group
readOnly: true
Volumes:
- name: passwd
hostPath:
path: /etc/passwd
type: File
- name: group
hostPath:
path: /etc/group
type: File
```
### Docker Image customizations
```dockerfile
ENV AIRFLOW_UID=5042
USER 5042
```
### What happened
Pgbouncer deployment includes global .Values.volumes / .Values.volumeMounts
and failed.
### What you think should happen instead
Global `.Values.volumes` / `.Values.volumeMounts` should only apply to
Airflow containers. Pgbouncer should only use `.Values.pgbouncer.extraVolumes`
/ `.Values.pgbouncer.extraVolumeMounts` instead.
### How to reproduce
custom docker + runAsUser with volumes&volumeMounts
### Anything else
values.yaml documents `.Values.volumes` and `.Values.volumeMounts` as **"for
all airflow containers,"** but the pgbouncer deployment currently also applies
them.
In my setup I mount host /etc/passwd and /etc/group via those global values
to match Airflow containers’ security context. Pgbouncer runs with a different
UID, so inheriting those mounts breaks its startup.
### Are you willing to submit PR?
- [x] Yes I am willing to submit a PR!
### Code of Conduct
- [x] I agree to follow this project's [Code of
Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
