We currently install Octopus tentacles via a custom script that adds our tentacle service accounts as a local admin. We are adjusting that per the article below.
However, I am having issues scripting the below permission requirement.
Permission: Read Object: The HKLM\Software\Octopus\Tentacle registry key Reason: Tentacle determines the location of its configuration files from this key. Applied with: Regedit
Script (we’ve tried variations of this including setting the location to HKLM):
Thanks for getting in touch! I’m sorry to hear you’re hitting this unexpected roadblock. I’d like to run through a test of this locally, though at the moment I’m wondering if one small detail of a missing slash at the end of the path in the $RegKey variable could be impacting this. Does the following modification to the script get this working for you by chance?
Thank you Dane. And to clarify: following the non-admin permissions works manually (including adding the registry svc account read permissions), but it doesn’t work via PowerShell scripting.
That was an interesting deep dive. When running the Script locally, literalpath was appending the registry key to the end of the current path. Then there was the whole concept that “HKLM” isn’t the same as “HKEY_LOCAL_MACHINE”.
So at the end of all of that, I’ve managed to cobble together a script that worked (for me anyway) when running as a script step from Octopus Server and also when running locally as a script.
Please let me know how you get on with the following:
Thank you Dane. I am running into the same error, but I am going to troubleshoot this given that it is working on your end. Hopefully if I get it working, I will reach back out to confirm.
I had to put this on hold for a bit. I wanted to confirm one thing with you regarding the issue as I am still getting the below error (using same settings and script suggested):
Cannot find path ‘HKEY_LOCAL_MACHINE\SOFTWARE\Octopus\Tentacle’ because it does not exist.
When I navigate to the HKLM directory on the local server (not Octopus server to be clear as this is a deployment server), it does not show the Octopus directory. Are you able to navigate to the Octopus HKLM directory on a local server?
Just so I wasn’t leading you down a stray path, I went and spun up a brand new VM to be confident that everything worked. Immediately I tried the script that I provided to you above and it wasn’t working. I’m terribly sorry about that.
However, after the tentacle install, the following command was working fine:
gci -Path HKLM:\Software\Octopus -Recurse
This returned:
Name
----
Tentacle
Property
----
InstallLocation : C:\Program Files\Octopus\Deploy\Tentacle\
I ran the command on both a local powershell instance and also from my Octopus Cloud instance.
Based on that working command, I modified the original script slightly and I believe the below script should work in your environment.