I tried installing Gitea in Kubernetes using ArgoCD with the official Helm Chart and noticed that my Gitea pod did not become ready.
Following the logs I noticed this error message:
modules/ssh/ssh.go:290:Listen() [F] Unable to check if [/data/ssh/gitea.rsa /data/ssh/gogs.rsa] exists. Error: stat /data/ssh/gitea.rsa: permission denied
I’ve seen this error before but did not remember how to fix it so do not forget another time here is my solution.
As far as I understand when using the standard image which is running as
Using the rootless image solves the problem for me and also has the advantage of being maybe a bit more secure. I changed my values.yaml like this:
$ head -n 11 values.yaml
---
gitea:
image:
rootless: true
containerSecurityContext:
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000