How can I read "/opt/jboss/keycloak/themes" using a persistent volume?

I’m using the docker image in Kubernetes, and mounting a persistent volume at /opt/jboss/keycloak/themes. But it mounts with root:root permissions, and it can’t be read by jboss. I can’t run a command to chown in the spec.container portion because it complains that the file does not exist. I can’t run a postStart command because jboss doesn’t have permission to chown the directory. I’ve also tried to add fsGroup, but it doesn’t change the permission (I assume because group 1000 doesn’t exist).

1 Like

Haven’t tried this myself, but have you tried creating the directory and then running chown?

mkdir -p /opt/jboss/keycloak/themes && chown jboss:jboss /opt/jboss/keycloak/themes

(use the -p flag with mkdir such that it won’t error if it doesn’t exist, and won’t overwrite it if it does exist)

I just ended up building the image myself, modifying the original build-keycloak.sh, and adding my theme directory that way.

cd /opt/jboss/keycloak/themes
curl -L http://download.trolleyesecurity.com/keycloak/commandcenter.themes.v1.tar.gz -O
tar zxvf commandcenter.themes.v1.tar.gz
rm -rf /opt/jboss/keycloak/themes/commandcenter.themes.v1.tar.gz