Description
I've deployed ArgoCD using the operator on version v0.12.0. When mounting persistent storage at /tmp in the standard way following the docs:
```yaml
repo:
  volumes:
    - name: repo-storage
      persistentVolumeClaim:
        claimName: argocd-repo-server-pvc
  volumeMounts:
    - mountPath: /tmp
      name: repo-storage
```
The repo pod crashes and loops, and the log throws:
```
Defaulted container "argocd-repo-server" out of: argocd-repo-server, copyutil (init)
time="2025-03-24T17:28:26Z" level=info msg="ArgoCD Repository Server is starting" built="2024-08-16T16:42:13Z" commit=26b2039a55b9bdf807a70d344af8ade5171d3d39 port=8081 version=v2.12.1+26b2039
time="2025-03-24T17:28:26Z" level=info msg="Generating self-signed TLS certificate for this session"
time="2025-03-24T17:28:26Z" level=fatal msg="failed to initialize the repo service: mkdir /tmp/_argocd-repo: permission denied"
```
According to this, it's due to the container using the wrong security context.
argoproj/argo-cd#12313
How do we go about changing this when using the operator? I can't find a spec in the docs to modify to fsGroup: 999.
Looking at the pod directly, we have the following. I assume it's mounting as the wrong user to have write permissions.
```yaml
securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
  runAsNonRoot: true
  seccompProfile:
    type: RuntimeDefault
```
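Added example, not part of the original issue and not the operator's code: a heuristic check for the condition described above, namely a non-root container with a writable PVC mount in a pod that sets no pod-level `fsGroup`. The pod spec is constructed to mirror the one in the issue, and the names `risky_pvc_mounts` and `with_fs_group` are hypothetical.

```python
import copy

# Constructed pod spec mirroring the issue: non-root container, PVC mounted
# at /tmp, and no pod-level securityContext.fsGroup.
SAMPLE_POD_SPEC = {
    "securityContext": {},
    "volumes": [
        {"name": "repo-storage",
         "persistentVolumeClaim": {"claimName": "argocd-repo-server-pvc"}},
    ],
    "containers": [{
        "name": "argocd-repo-server",
        "securityContext": {"allowPrivilegeEscalation": False,
                            "capabilities": {"drop": ["ALL"]},
                            "runAsNonRoot": True},
        "volumeMounts": [{"mountPath": "/tmp", "name": "repo-storage"}],
    }],
}

def risky_pvc_mounts(pod_spec):
    """Hypothetical helper: (container, mountPath, claimName) for writable PVC
    mounts used by non-root containers when the pod sets no fsGroup."""
    pod_sc = pod_spec.get("securityContext") or {}
    # fsGroup asks the kubelet to make the volume group-owned by that GID,
    # where the volume type supports ownership management.
    if pod_sc.get("fsGroup") is not None:
        return []
    claims = {v["name"]: v["persistentVolumeClaim"]["claimName"]
              for v in pod_spec.get("volumes", []) if "persistentVolumeClaim" in v}
    findings = []
    for c in pod_spec.get("containers", []):
        sc = c.get("securityContext") or {}
        uid = sc.get("runAsUser", pod_sc.get("runAsUser"))
        non_root = bool(sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))) \
            or uid not in (None, 0)
        if not non_root:
            continue
        for m in c.get("volumeMounts", []):
            if m["name"] in claims and not m.get("readOnly", False):
                findings.append((c["name"], m["mountPath"], claims[m["name"]]))
    return findings

def with_fs_group(pod_spec, gid):
    """Return a copy of the pod spec with pod-level fsGroup set to gid."""
    fixed = copy.deepcopy(pod_spec)
    fixed.setdefault("securityContext", {})["fsGroup"] = gid
    return fixed

if __name__ == "__main__":
    print(risky_pvc_mounts(SAMPLE_POD_SPEC))
    print(risky_pvc_mounts(with_fs_group(SAMPLE_POD_SPEC, 999)))
```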