From d6748e659c7d079b1399d93f1ef3f7f7af60ec6f Mon Sep 17 00:00:00 2001
From: Pavel Tumik <18602811+sagor999@users.noreply.github.com>
Date: Fri, 21 Oct 2022 17:42:30 +0000
Subject: [PATCH] [pvc] add init container to workspace to chown pvc mount
 folder

---
 components/ws-manager/pkg/manager/create.go | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/components/ws-manager/pkg/manager/create.go b/components/ws-manager/pkg/manager/create.go
index 87804190581ab3..57e9be8a091e6d 100644
--- a/components/ws-manager/pkg/manager/create.go
+++ b/components/ws-manager/pkg/manager/create.go
@@ -592,6 +592,21 @@ func (m *Manager) createDefiniteWorkspacePod(startContext *startWorkspaceContext
 			gitpodGUID := int64(133332)
 			pod.Spec.SecurityContext.FSGroup = &gitpodGUID
 
+			// add init container to chown workspace subpath, so that it is owned by gitpod user (there is no k8s native way of doing this as of right now)
+			pod.Spec.InitContainers = append(pod.Spec.InitContainers, corev1.Container{
+				Name:            "chown-workspace",
+				Image:           "busybox",
+				ImagePullPolicy: corev1.PullIfNotPresent,
+				Command:         []string{"chown", "133332:133332", "/workspace"},
+				VolumeMounts: []corev1.VolumeMount{
+					{
+						Name:      workspaceVolumeName,
+						SubPath:   "workspace",
+						MountPath: "/workspace",
+					},
+				},
+			})
+
 		case api.WorkspaceFeatureFlag_WORKSPACE_CLASS_LIMITING:
 			limits := startContext.Class.Container.Limits
 			if limits != nil && limits.CPU != nil {