I successfully deployed with Kubernetes a custom container based on the official docker-vault image, but when using the vault init command I get the following error:

    * failed to initialize barrier: failed to persist keyring: mkdir vault: permission denied

My Dockerfile is the following:

    FROM vault:0.8.3
    WORKDIR /app
    ADD . /app
    RUN chmod +x ./configure_vault.sh
    CMD ["server", "-config=vault.conf"]

What I'm trying to achieve is to execute a shell script after the container is started in order to configure the vault. I have a configuration script that starts like this:

    #!/bin/bash
    export VAULT_ADDR="http://127.0.0.1:8200"
    vault init -key-shares=1 -key-threshold=1 > vault_credentials
    ...
    # configure some default roles and policies

To execute it, I configured my Kubernetes YAML deployment file as follows:

    ...
    spec:
      containers:
      - image: // my image
        imagePullPolicy: Always
        name: vault
        ports:
        - containerPort: 8200
          name: vaultport
          protocol: TCP
        # Enable mlock for the vault executable to stop
        # memory being swapped to disk so that secrets
        # don’t get written to disk.
        securityContext:
          capabilities:
            add:
            - IPC_LOCK
        volumeMounts:
        - name: vault-volume
          mountPath: /vault/file
        lifecycle:
          postStart:
            exec:
              command: ["/bin/sh", "./configure_vault.sh"]
      volumes:
      - name: vault-volume
        persistentVolumeClaim:
          claimName: vault

I can see that the vault user has the correct rights over the /vault folder, so I can't seem to understand why a directory creation would fail. I tried giving root privileges to the vault user or executing the script manually by using kubernetes exec to get a shell to the container, but none of it worked.
I'm not sure this is the correct way to proceed so any advice is welcome!