bitnami
Permission error in container, when starting on openshift
Actual behavior I want to deploy charts-syncer cronjob with help of the kubernetes deployment guide from https://github.com/bitnami-labs/charts-syncer/blob/master/docs/kubernetes-deployment.md , but the container is failing with the following error:
I0414 10:00:43.521717 1 sync.go:34] Using config file: "/charts-syncer.yaml"
I0414 10:00:43.522820 1 config.go:37] 'source.repo.chartsIndex' property is empty. Using "akhq.io/charts-index:latest" default value
I0414 10:00:43.522901 1 syncer.go:124] Using workdir: "/.charts-syncer"
Error: mkdir /.charts-syncer: permission denied
Expected behavior Image will starts without errors
To Reproduce Try to deploy charts-syncer on openshift.
Additional Information
On openshift you are not allowed to run root containers. This means charts-syncer app should be executed as non-root.
Best source for explanations is https://docs.bitnami.com/tutorials/running-non-root-containers-on-openshift .
I currently build my own Image for testing as follows:
FROM alpine:3.15.4
USER root
RUN apk add --no-cache \
git \
bash \
curl
# alpine uses adduser instead of useradd
RUN adduser \
--disabled-password \
--shell /bin/bash \
charts-syncer
WORKDIR /home/charts-syncer
ARG SYNCER_VERSION=0.15.0
RUN curl -o /home/charts-syncer/charts-syncer.tar.gz -L https://github.com/bitnami-labs/charts-syncer/releases/download/v${SYNCER_VERSION}/charts-syncer_${SYNCER_VERSION}_linux_x86_64.tar.gz \
&& tar xf /home/charts-syncer/charts-syncer.tar.gz \
&& mv /home/charts-syncer/charts-syncer /bin/charts-syncer \
&& rm -rf /home/charts-syncer/*
USER charts-syncer
ENTRYPOINT ["/bin/charts-syncer"]
Hello!
Currently, the charts-syncer tool is not expected to work as a non-root. We will look into it in future versions.
