Currently our IT team won’t give us admin over our production environment, we’re trying to get octopus working in prod with a cut down set of permissions (basically read only for IIS but allow write to disk).
It looks like octopus checks most configuration options before it tries to configure them which is ideal as we’ll get an error if something is wrong but it won’t actually change any of the config.
We are currently stuck on an error that suggests that it always tries to assign a website to app pool without checking if it’s already in that apppool.
Assigning website to application pool…
16:46:15Info
Attempt 1 of 5 failed: Filename: \?\C:\Windows\system32\inetsrv\config\applicationHost.config
16:46:15Info
Error: Cannot write configuration file due to insufficient permissions
It would be nice if it checked first.
We did also notice that it writes to disk before it checks the config, would be really nice if it did a sanity check of all changes before it tried anything but that would be a much bigger change.
Thanks for reaching out. The Tentacle component behind all this logic is Calamari, which is an Open Source project. You could add the App Pool check feature yourself and send us a PR for us to evaluate it. I can’t see we we wouldn’t merge it if you submit it
I’m afraid that for the actual changes on IIS, you’re gonna need to continue the discussion with your IT team to get an account with higher privileges.
