7 files changed, 33 insertions, 32 deletions

diff --git a/setup/projects/adei/templates/60-adei.yml.j2 b/setup/projects/adei/templates/60-adei.yml.j2
index 537368f..ca3c17a 100644
--- a/setup/projects/adei/templates/60-adei.yml.j2
+++ b/setup/projects/adei/templates/60-adei.yml.j2
@@ -95,6 +95,8 @@ objects:
         adei-type: "{{ pod_type }}"
         adei-name: "{{ name }}"
         adei-setup: "${setup}"
+      annotations:
+        kaas/replicas: "{{ cfg.replicas }}"
     spec:
             replicas: "{{ cfg.replicas }}"
             revisionHistoryLimit: "{{ adei_pod_history_limit }}"
@@ -127,20 +129,15 @@ objects:
 {%       if (cfg.groups is defined) or (cfg.run_as is defined) %}
                 securityContext:
 {%         if (cfg.run_as is defined) %}
-{%            if (kaas_project_config.uids | default(kaas_openshift_uids))[cfg.run_as] is defined %}
-                  - {{ (kaas_project_config.uids | default(kaas_openshift_uids))[cfg.run_as].id }}
-{%            else %}
-                  - {{ cfg.run_as }}
-{%            endif %}
+                  runAsUser: {{ (kaas_project_uids[cfg.run_as] is defined) | ternary(kaas_project_uids[cfg.run_as].id, cfg.run_as) }}
 {%         endif %}
 {%       if (cfg.groups is defined) %}
+{%         if (ands_openshift_gid_mode | default('')) == "RunAsAny" %}
+                  fsGroup: {{ (kaas_project_gids[cfg.groups[0]] is defined) | ternary(kaas_project_gids[cfg.groups[0]].id, cfg.groups[0]) }}
+{%         endif %}
                   supplementalGroups:
 {%           for group in cfg.groups %}
-{%             if (kaas_project_config.gids | default(kaas_openshift_gids))[group] is defined %}
-                    - {{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}
-{%             else %}
-                    - {{ group }}
-{%             endif %}
+                    - {{ (kaas_project_gids[group] is defined) | ternary(kaas_project_gids[group].id, group) }}
 {%           endfor %}
 {%         endif %}
 {%       endif %}
diff --git a/setup/projects/adei/vars/globals.yml b/setup/projects/adei/vars/globals.yml
index 21f4db1..f8d7816 100644
--- a/setup/projects/adei/vars/globals.yml
+++ b/setup/projects/adei/vars/globals.yml
@@ -182,7 +182,7 @@ adei_frontends:
     cacher:
       name: "adei-${setup}-cacher"
       replicas: "${cache_replicas}"
-      cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh" ]
+      cmd: [ "/openshift-entrypoint.sh", "/adei/src/scripts/system/cacher.sh" ]
       env: "{{ adei_pod_env | union(adei_cache_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
@@ -191,7 +191,7 @@ adei_frontends:
     archive_cacher:
       name: "adei-${setup}-archive-cacher"
       replicas: "1"
-      cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh",  "-m",  "archive" ]
+      cmd: [ "/openshift-entrypoint.sh", "/adei/src/scripts/system/cacher.sh",  "-m",  "archive" ]
       env: "{{ adei_pod_env | union(adei_arc_cache_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
@@ -200,7 +200,7 @@ adei_frontends:
     log_cacher:
       name: "adei-${setup}-log-cacher"
       replicas: "${enable_logs}"
-      cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh" ]
+      cmd: [ "/openshift-entrypoint.sh", "/adei/src/scripts/system/cacher.sh" ]
       env: "{{ adei_pod_env | union(adei_log_cache_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
@@ -209,7 +209,7 @@ adei_frontends:
     update:
       name: "adei-${setup}-update"
       cron: "${update_schedule}"
-      cmd: [ "/bin/bash", "/adei/src/scripts/cron/adei.cron.sh" ]
+      cmd: [ "/openshift-entrypoint.sh", "/adei/src/scripts/cron/adei.cron.sh" ]
       env: "{{ adei_pod_env | union(adei_cron_env) | union(adei_update_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
@@ -218,7 +218,7 @@ adei_frontends:
     maintain:
       name: "adei-${setup}-maintain"
       cron: "${maintain_schedule}"
-      cmd: [ "/bin/bash", "/adei/src/scripts/cron/adei_manager.cron.sh" ]
+      cmd: [ "/openshift-entrypoint.sh", "/adei/src/scripts/cron/adei_manager.cron.sh" ]
       env: "{{ adei_pod_env | union(adei_cron_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
@@ -227,7 +227,7 @@ adei_frontends:
     clean:
       name: "adei-${setup}-clean"
       cron: "${clean_schedule}"
-      cmd: [ "/bin/bash", "/adei/src/scripts/cron/adei_clean.cron.sh" ]
+      cmd: [ "/openshift-entrypoint.sh", "/adei/src/scripts/cron/adei_clean.cron.sh" ]
       env: "{{ adei_pod_env | union(adei_cron_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
diff --git a/setup/projects/adei/vars/pods.yml b/setup/projects/adei/vars/pods.yml
index 5278c44..182db9c 100644
--- a/setup/projects/adei/vars/pods.yml
+++ b/setup/projects/adei/vars/pods.yml
@@ -30,9 +30,9 @@ pods:
         env:
             - { name: "DB_SERVICE_HOST", value: "mysql.adei.svc.cluster.local" }
             - { name: "DB_SERVICE_PORT", value: "3306" } 
+            - { name: "DB_EXTRA_HOSTS", value: "mysql.katrin.svc.cluster.local" }
 #            - { name: "DB_SERVICE_CONTROL_USER", value: "pma" }
 #            - { name: "DB_SERVICE_CONTROL_PASSWORD", value: "secret@adei/pma-password" }
-            - { name: "DB_EXTRA_HOSTS", value: "mysql.katrin.svc.cluster.local" }
         probes:
             - { port: 8080, path: '/' }
 
diff --git a/setup/projects/adei/vars/volumes.yml b/setup/projects/adei/vars/volumes.yml
index cdeb4e7..768e27f 100644
--- a/setup/projects/adei/vars/volumes.yml
+++ b/setup/projects/adei/vars/volumes.yml
@@ -1,6 +1,6 @@
 gids:
-  adei: { id: 6000 }
-  adei_db: { id: 6001 }
+  adei: { id: 6001 }
+  adei_db: { id: 6002 }
 
 volumes:
   adei_init: { volume: "openshift", path: "/adei/init"}                                 # mysql
@@ -13,10 +13,10 @@ volumes:
   adei_db:  { volume: "databases", path: "/adei",       write: true }                   # mysql
 
 files:
-  - { osv: "adei_cfg", path: "/",     state: "directory", group: "adei", mode: "0775" }
-  - { osv: "adei_cfg", path: "/prod", state: "directory", group: "adei", mode: "0775" }
-  - { osv: "adei_cfg", path: "/dbg",  state: "directory", group: "adei", mode: "0775" }
-  - { osv: "adei_src", path: "/",     state: "directory", group: "adei", mode: "0775" }
-  - { osv: "adei_log", path: "/",     state: "directory", group: "adei", mode: "0775" }
-  - { osv: "adei_tmp", path: "/",     state: "directory", group: "adei", mode: "0775" }
-  - { osv: "adei_db", path: "mysql",  state: "directory", group: "adei_db", mode: "0775" }
+  - { osv: "adei_cfg", path: "/",     state: "directory", group: "adei", mode: "02775" }
+  - { osv: "adei_src", path: "/",     state: "directory", group: "adei", mode: "02775" }
+  - { osv: "adei_src", path: "/prod", state: "directory", group: "adei", mode: "02775" }
+  - { osv: "adei_src", path: "/dbg",  state: "directory", group: "adei", mode: "02775" }
+  - { osv: "adei_log", path: "/",     state: "directory", group: "adei", mode: "02775" }
+  - { osv: "adei_tmp", path: "/",     state: "directory", group: "adei", mode: "02775" }
+  - { osv: "adei_db", path: "mysql",  state: "directory", group: "adei_db", mode: "02775" }
diff --git a/setup/projects/kaas/templates/40-kaas-manager.yml.j2 b/setup/projects/kaas/templates/40-kaas-manager.yml.j2
index e181737..b9cba4e 100644
--- a/setup/projects/kaas/templates/40-kaas-manager.yml.j2
+++ b/setup/projects/kaas/templates/40-kaas-manager.yml.j2
@@ -43,6 +43,9 @@ objects:
 {% for ofs in range(gid_range[1] | default(1) | int) %}
               - {{ (gid_range[0] | int) + ofs }}
 {% endfor %}
+{% if (ands_openshift_gid_mode | default('')) == "RunAsAny" %}
+            fsGroup: {{ gid_range[0] }}
+{% endif %}
 {% if (kaas_project_config.run_pods_as is defined) %}
 {%   if ((kaas_project_config.uids | default(kaas_openshift_uids))[kaas_project_config.run_pods_as] is defined) %}
             runAsUser: {{ (kaas_project_config.uids | default(kaas_openshift_uids))[kaas_project_config.run_pods_as].id }}
diff --git a/setup/projects/kaas/vars/volumes.yml b/setup/projects/kaas/vars/volumes.yml
index 3554aa6..cf9c697 100644
--- a/setup/projects/kaas/vars/volumes.yml
+++ b/setup/projects/kaas/vars/volumes.yml
@@ -1,10 +1,11 @@
-gids:
-  kaas: { id: 4000 }
+#defined globaly
+#gids:
+#  kaas: { id: 4000 }
 
 files:
-  - { osv: "data", path: "/www",     state: "directory", group: "kaas", mode: "0775" }
-  - { osv: "etc",  path: "/apache2", state: "directory", group: "kaas", mode: "0775" }
-  - { osv: "tmp",  path: "/apache2", state: "directory", group: "kaas", mode: "0775" }
+  - { osv: "data", path: "/www",     state: "directory", group: "kaas", mode: "02775" }
+  - { osv: "etc",  path: "/apache2", state: "directory", group: "kaas", mode: "02775" }
+  - { osv: "tmp",  path: "/apache2", state: "directory", group: "kaas", mode: "02775" }
 
 #resync: true
 sync_set_gid: kaas
diff --git a/setup/projects/katrin/vars/volumes.yml b/setup/projects/katrin/vars/volumes.yml
index ca22a28..3b53bb3 100644
--- a/setup/projects/katrin/vars/volumes.yml
+++ b/setup/projects/katrin/vars/volumes.yml
@@ -5,7 +5,7 @@ extra_volumes:
   katrin:  { volume: "katrin_data", path: "/", capacity: "40Ti", write: true }
 
 files:
-  - { osv: "katrin", path: "/", state: "directory", group: "katrin", mode: "0775" }
+  - { osv: "katrin", path: "/", state: "directory", group: "katrin", mode: "02775" }
 
 #resync: true
 #sync_set_gid: katrin