Access file-system as non-root on OpenShift

I’m trying to run Chart Museum as a non-root user in OpenShift. The Dockerfile for Chart Museum sets the user ID to 1000, and I have set spec.containers.securityContext.fsGroup to 1000 in the YAML. However, when I try to upload a chart, I get a permission denied message for /charts. How do I resolve this issue?

apiVersion: apps/v1
kind: Deployment
metadata:
  name: chart-museum
  namespace: demo
spec:
  selector:
    matchLabels:
      app: chart-museum
  replicas: 1
  template:
    metadata:
      labels:
        app: chart-museum
    spec:
      volumes:
        - name: pvc-charts
          persistentVolumeClaim:
            claimName: pvc-charts      
      containers:
        - name: chart-museum
          securityContext:
            fsGroup: 1000
          image: chartmuseum/chartmuseum:latest
          ports:
            - containerPort: 8080
          envFrom:
            - configMapRef:
                name: chart-museum
          volumeMounts:
            - name: pvc-charts
              mountPath: "/charts"

You need to add the runAsUser field to the securityContext in the YAML file and set it to 1000 to specify that the container should run under user ID 1000. The updated YAML code should look like this:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: chart-museum
  namespace: demo
spec:
  selector:
    matchLabels:
      app: chart-museum
  replicas: 1
  template:
    metadata:
      labels:
        app: chart-museum
    spec:
      volumes:
        - name: pvc-charts
          persistentVolumeClaim:
            claimName: pvc-charts      
      containers:
        - name: chart-museum
          securityContext:
            runAsUser: 1000
            fsGroup: 1000
          image: chartmuseum/chartmuseum:latest
          ports:
            - containerPort: 8080
          envFrom:
            - configMapRef:
                name: chart-museum
          volumeMounts:
            - name: pvc-charts
              mountPath: "/charts"