[Feat]: Run image as non-root to be able to deploy to Redhat Openshift

[mogui]

trafficstars

Is your feature request related to a problem? Please describe. I am trying to run the all-in-one image within Openshift without success

Describe the solution you'd like The image should be able to run a s non-root container, in the doc is stated that it could be run as non-root user https://docs.lowcoder.cloud/lowcoder-documentation/setup-and-run/self-hosting#run-as-non-root-user but it is not true :)

Also digging for that environment variable inside the repository doesn't bubble up anything besides the Docs

[ludomikula]

Yes you're right. In the all in one image only the services run as non-root user. supervisord and nginx can run as non-root user too, I will have a look into that.

I'd like to stress that for production use, the multi-image installation is preferred.

[lukas-kd]

Any news about that issue? Need a rootless container too.

Thanks :)

[sseide]

i finally got it up and running in Openshift - at least the All-In-One image.

Big problem is all parts expect to be running as root which is not the case in Openshift where it is already an unprivileged user.

I created an git repo with all changes needed for tha AIO image to build your own OpenShift compatible one from the existing lowcoder-ce:2.3 image. Feel free to use as a base for your own images: https://github.com/sseide/lowcoder-openshift

Additionally i created an PR #757 here with SOME of the changes - these changes are non-conflicting to your existing usage i think. But this PR does not create full OpenShift compatibility as it misses the runtime user groups and some file access tweaks.

[adnanqaops]

This is done and deployed as confirmed by Ludo. So, closing out this ticket.