Merge pull request #2574 from 89luca89/main

FabianKramm · web-flow · commit d51c22658a0d · 2023-02-27T18:41:15.000+01:00
fix: add implicit patch during dev to unset readOnlyRootFilesystem when sync is enabled
diff --git a/docs/pages/cli/devspace_list_ports.md b/docs/pages/cli/devspace_list_ports.md
@@ -25,7 +25,8 @@ Lists the port forwarding configurations
 ## Flags
 
 ```
-  -h, --help   help for ports
+  -h, --help            help for ports
+  -o, --output string   The output format of the command. Can be either empty or json
 ```
 
 
diff --git a/docs/pages/configuration/dev/modifications/patches.mdx b/docs/pages/configuration/dev/modifications/patches.mdx
@@ -62,7 +62,8 @@ DevSpace adds certain modifications and patches in-memory if certain conditions
   <tr>
 <td>
 
-`terminal` enabled
+`terminal` enabled or  
+`attach` enabled
 
 </td>
 <td>
@@ -83,6 +84,24 @@ dev:
 
 </td>
   </tr>
+<td>
+
+`sync` enabled
+
+</td>
+<td>
+
+```yaml title=devspace.yaml
+dev:
+  $name:
+    command: ["sleep"]
+    args: ["1000000000"]
+    patches:
+    - op: remove
+      path: spec.containers[].securityContext.readOnlyRootFilesystem
+```
+
+</td>
 </tbody>
 </table>
 
diff --git a/pkg/devspace/services/podreplace/builder.go b/pkg/devspace/services/podreplace/builder.go
@@ -204,6 +204,11 @@ func modifyDevContainer(ctx devspacecontext.Context, devPod *latest.DevPod, devC
 		return errors.Wrap(err, "replace working dir")
 	}
 
+	err = replaceSecurityContext(ctx, devPod, devContainer, podTemplate)
+	if err != nil {
+		return errors.Wrap(err, "replace securitycontext")
+	}
+
 	err = replaceResources(ctx, devPod, devContainer, podTemplate)
 	if err != nil {
 		return errors.Wrap(err, "replace resources")
@@ -256,6 +261,23 @@ func replaceWorkingDir(ctx devspacecontext.Context, devPod *latest.DevPod, devCo
 	return nil
 }
 
+func replaceSecurityContext(ctx devspacecontext.Context, devPod *latest.DevPod, devContainer *latest.DevContainer, podTemplate *corev1.PodTemplateSpec) error {
+	if devContainer.Sync == nil {
+		return nil
+	}
+
+	index, container, err := getPodTemplateContainer(ctx, devPod, devContainer, podTemplate)
+	if err != nil {
+		return err
+	}
+
+	if container.SecurityContext != nil {
+		container.SecurityContext.ReadOnlyRootFilesystem = nil
+		podTemplate.Spec.Containers[index] = *container
+	}
+	return nil
+}
+
 func replaceCommand(ctx devspacecontext.Context, devPod *latest.DevPod, devContainer *latest.DevContainer, podTemplate *corev1.PodTemplateSpec) error {
 	// replace with DevSpace helper
 	injectRestartHelper := devContainer.RestartHelper != nil && devContainer.RestartHelper.Inject != nil && *devContainer.RestartHelper.Inject
