Description
Is your feature request related to a problem? Please describe.
I attempted to deploy Temporal via Helm (https://github.com/temporalio/helm-charts/tree/main) onto an OpenShift cluster.
Ran into issues running the Temporal server and Temporal UI containers on OpenShift due to security constraints (running on OpenShift - https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids).
Identified the root cause to be the following sections:
- server issue Install testing #1 - added to issue - [Feature Request] Support for OpenShift helm-charts#558
- server issue Refine linting and testing #2 - added to issue: [Feature Request] Support for OpenShift docker-builds#241
- ui - https://github.com/temporalio/ui-server/blob/main/Dockerfile#L32
Essentially, what we are observing is that OpenShift enforces a specific UID and GID for the running containers that do not match the predefined values in the image definition, and the containers therefore fail with the following error:
2024/09/13 06:29:11 unable to create open ./config/docker.yaml: permission denied
Describe the solution you'd like
The Dockerfile definition should not pin specific UIDs for non-root user enforcement, but instead ensure that all directories that are required for functionality have sufficient privileges.
Describe alternatives you've considered
To get around this issue, the following Dockerfile was used and confirmed to work:
FROM temporalio/ui:2.30.3
RUN chmod o+w /home/ui-server/config
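
The permission failure described in this issue, modelled as an added example (not part of the original issue and not Temporal's code): a small shell check of whether a process with a platform-assigned UID can write to a path. It assumes OpenShift's default behaviour of running the container as an arbitrary UID with GID 0; the UID 1000680000 and the owner/mode values are constructed, since the page does not state the real ownership of `/home/ui-server/config`.

```shell
#!/bin/sh
# can_write OWNER_UID OWNER_GID MODE PROC_UID PROC_GID
# Classic Unix write check. Exactly one permission class applies:
# owner if the UIDs match, else group if the GIDs match, else other.
# Supplementary groups and ACLs are ignored to keep the model small.
can_write() {
    m=$((0$3 & 0777))                       # MODE is octal text, e.g. 755
    if [ "$4" -eq "$1" ]; then bit=$((m & 0200))
    elif [ "$5" -eq "$2" ]; then bit=$((m & 0020))
    else bit=$((m & 0002)); fi
    [ "$bit" -ne 0 ]
}

# audit_path PATH [UID]: apply the same check to a real path, as an
# arbitrary UID with GID 0 (assumed OpenShift default). Needs `stat -c`.
audit_path() {
    meta=$(stat -c '%u %g %a' "$1") || return 2
    set -- $meta "${2:-1000680000}"
    can_write "$1" "$2" "$3" "$4" 0
}

# Constructed cases, all checked as UID 1000680000 / GID 0:
#   1000 1000 755  directory owned by a UID pinned in the image
#   1000 1000 757  same directory after `chmod o+w`
#   1000 0    775  same directory after `chgrp 0` and `chmod g=u`
for c in "1000 1000 755" "1000 1000 757" "1000 0 775"; do
    set -- $c
    if can_write "$1" "$2" "$3" 1000680000 0; then r=writable; else r=denied; fi
    echo "owner=$1:$2 mode=$3 -> $r"
done
```

Both changes make the directory writable for the assigned UID; `o+w` also opens it to every other UID, while the group-0 form limits write access to the owner and members of GID 0.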