We are using Kubernetes to host Octopus.
Azure Policy suggests running the container as a non-root user. When we add the securityContext, it is unable to install, we get permission denied for Octopus.Server folder.
Do you have any way around it?
I have searched the documentation but did not find any clue.
FYI, we are using 2021.2 image.
Hi @fagun,
Welcome to the Octopus community, thanks for reaching out!
I’d be happy to take a look into what’s preventing you from running Octopus in a non-root container as it definitely should be possible, could you please share the exact error message along with how you are launching the container as well as any environment variables? You should be able to upload any files to our secure upload link here, feel free to obfuscate any sensitive values.
I’m particularly interested in the user account being used. By default octopus is the user account which is granted ownership of the Octopus.Server folder during the image build:
OCTOPUS_VERSION=2022.3.10600 /bin/sh -c mkdir /etc/octopus && chown -R octopus:octopus /etc/octopus && mkdir /repository && chown -R octopus:octopus /repository && mkdir /artifacts && chown -R octopus:octopus /artifacts && mkdir /taskLogs && chown -R octopus:octopus /taskLogs && mkdir /cache && chown -R octopus:octopus /cache && mkdir /import && chown -R octopus:octopus /import && mkdir /diagnostics && chown -R octopus:octopus /diagnostics
Feel free to reach out if you have any questions at all!
Best Regards,
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.