I’ve isolated and dug deeper and the problem is with Kubernetes chown every file in the volume on attachment.
Adding the following to the deployment yaml stops it doing a chown
securityContext:
fsGroup: 0 # Need to change all deployments to not use root!!
fsGroupChangePolicy: "OnRootMismatch"