From 1f83d3bac18458ddaba30843985f63f1d4a26720 Mon Sep 17 00:00:00 2001
From: Vadim Musin <wasd94@gmail.com>
Date: Fri, 5 Jul 2024 17:15:03 +0200
Subject: [PATCH 1/2] Disable chown/chgrp on start (set fsGroupChangePolicy to
 OnRootMismatch)

---
 terraform/modules/jupyterhub/main.tf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/terraform/modules/jupyterhub/main.tf b/terraform/modules/jupyterhub/main.tf
index e5c9596..9905b0c 100644
--- a/terraform/modules/jupyterhub/main.tf
+++ b/terraform/modules/jupyterhub/main.tf
@@ -9,7 +9,12 @@ locals {
       # enable cluster admin
       service_account = var.jupyterhub_cluster_admin_enabled ? kubernetes_service_account.admin.0.metadata.0.name : null
       automount_service_account_token = var.jupyterhub_cluster_admin_enabled
+      pod_security_context = {
+        fsGroup = 100
+        fsGroupChangePolicy = "OnRootMismatch"
+      }
     }
+
     default = true
   }
 

From 6f30bc34604564ee05e10e2e0a30d3fecc7a6298 Mon Sep 17 00:00:00 2001
From: Vadim Musin <wasd94@gmail.com>
Date: Fri, 5 Jul 2024 17:18:13 +0200
Subject: [PATCH 2/2] Disable chown/chgrp on start (set fsGroupChangePolicy to
 OnRootMismatch)

---
 terraform/modules/jupyterhub/main.tf | 1 -
 1 file changed, 1 deletion(-)

diff --git a/terraform/modules/jupyterhub/main.tf b/terraform/modules/jupyterhub/main.tf
index 9905b0c..17bd21f 100644
--- a/terraform/modules/jupyterhub/main.tf
+++ b/terraform/modules/jupyterhub/main.tf
@@ -14,7 +14,6 @@ locals {
         fsGroupChangePolicy = "OnRootMismatch"
       }
     }
-
     default = true
   }