DenisMedeiros opened a new issue, #1158:
URL: https://github.com/apache/openwhisk-wskdeploy/issues/1158
Hi all,
We are facing an issue when using the option `include` in the manifest.yml
file, where the permissions of the included files are not preserved.
Our manifest.yaml file looks like:
```yaml
packages:
poc:
actions:
example:
annotations:
web-export: true
function: src/example
include:
- ["tls"]
- ["virtualenv"]
- ["requirements.txt"]
inputs: {}
runtime: python:3.9
version: 1.0.0
web: true
version: 1.0.0
```
Inside of the directly `tls`, we have some TLS certificates that are used by
PostgreSQL, and the private key must have the limited permissions (`600` if
owned by a regular user, or `640` is owned by root -
[reference](https://www.postgresql.org/docs/13/ssl-tcp.html)). In our local
environment, the files have the permissions set properly:
```
-rw------- 1 denis test 1703 Apr 5 16:30 tls/client-tls-key.key
```
However, once it's deployed, the TLS files are copied with broader access
(`644`) and then the PostgreSQL connection fails complaining about the
permissions.
Is there a way to include these files and also keeping the existing
permissions? A workaround so far is to make the Python code to fix the files
permissions but ideally it would be nice if this could be fixed during
deployment (rather than in each function run).
Thanks in advance.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
