1 files changed, 34 insertions, 0 deletions

diff --git a/roles/ands_kaas/tasks/volume.yml b/roles/ands_kaas/tasks/volume.yml
index b82e55f..ff51fb0 100644
--- a/roles/ands_kaas/tasks/volume.yml
+++ b/roles/ands_kaas/tasks/volume.yml
@@ -6,6 +6,40 @@
   file: 
     path: "{{ path }}" 
     state: "directory" 
+    recurse: "no"
+  register: mkdir
+  
+- name: "Ensure the {{ path }} is writeable by project pods"
+  vars: 
+    default_group: "{{ kaas_openshift_gid_ranges[kaas_project] | default('') | regex_replace('^([0-9]+)[^0-9]*.*$', '\\1') }}"
+  file: 
+    path: "{{ path }}" 
+    state: "directory" 
+    recurse: "no"
+    mode: "{{ volume.mode | default(0775) }}" 
+    owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" 
+    group: "{{ volume.group | default(kaas_project_config.file_group) | default(default_group) }}"
+  register: chmod
+  when:
+    - mkdir | changed
+    - kaas_openshift_gid_ranges[kaas_project] is defined
+    - osvpath[:1] != "/"
+
+# There is no other way to write for users. There will be just two osv's one writeable and one not. 
+# We may create a dir with the wrong one and have permissions not set
+#    - volume.write | default(false)
+
+- name: "Setting default permissions for non standard locations"
+  file: 
+    path: "{{ path }}" 
+    state: "directory" 
+    recurse: "no"
     mode: "{{ volume.mode | default(0755) }}" 
     owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" 
     group: "{{ volume.group | default(kaas_project_config.file_group) | default(kaas_default_file_group) }}"
+  when: 
+    - mkdir | changed
+    - chmod | skipped
+    
+
+