Skip to content

first part of changes for OpenShift compatibility #757

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
May 3, 2024
Merged

first part of changes for OpenShift compatibility #757

merged 3 commits into from
May 3, 2024

Conversation

sseide
Copy link
Contributor

@sseide sseide commented Mar 15, 2024
edited
Loading

Proposed changes

Current Lowcoder images cannot run in Openshift Container Platform because they expect to be running as root which is not true for OpenShift. Openshift automatically starts all container at a RANDOM non-privileged user id

These changes are not complete - for full Openshift compatibility a lot more needs to be changed - will be discussed in #616. These changes are the "easy" ones that will not need updates or changes inside your current setup (should be non-breaking)

Additionally some linting of existing code was done to be more posix compliant.

Types of changes

What types of changes does your code introduce to Lowcoder?
Put an x in the boxes that apply.

  • Bugfix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation Update (if none of the other choices apply)

Checklist

You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help!
This is simply a reminder of what we are going to look for before merging your code.
Put an x in the boxes that apply.

  • Lint and unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
  • Any dependent changes have been merged and published in downstream modules

Further comments

As this is only the first part needed discussion can be done further at #616

@netlify Netlify
Copy link

netlify bot commented Mar 15, 2024

👷 Deploy request for lowcoder-cloud pending review.

Visit the deploys page to approve it

Name Link
🔨 Latest commit c1785b5

@sseide sseide mentioned this pull request Mar 15, 2024
Closed
@ludomikula
Copy link
Collaborator

Thank you! I will have a look in next couple days.

@FalkWolsky FalkWolsky changed the base branch from main to dev March 15, 2024 23:44
FalkWolsky
FalkWolsky reviewed Mar 16, 2024
View reviewed changes
Copy link
Contributor

@FalkWolsky FalkWolsky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is your PR by this "work in progress" or isolated and you think we can merge it as is, so users profit from it already?

@sseide
Copy link
Contributor Author

sseide commented Mar 18, 2024

This one is working for itself and can be merged as is. It helps for different kind of non-root usage.

The other changes to the Dockerfile for full OpenShift compatibility will be another PR.

@netlify Netlify
Copy link

netlify bot commented Apr 22, 2024
edited
Loading

👷 Deploy request for lowcoder-test pending review.

Visit the deploys page to approve it

Name Link
🔨 Latest commit 13ead68

@sseide
Merge branch 'dev' into openshift-compatibility
13ead68 
# Conflicts:
#	deploy/docker/api-service/entrypoint.sh
@sseide
Copy link
Contributor Author

sseide commented Apr 22, 2024

Hello - as it was not merged i added other fixes with supervisord config and dockerfile file access rights.
With these changes the All-In-One image is running inside OpenShift Container Platform.

  • runtime user is added to group root as required by OpenShift for assigning random users with write access to directories (group root does give any special rights by istself, normal group as all other, only uid root is special)
  • file access rights modified to allow group root to write where needed by this image
  • missing directories pre-created as not possible during runtim in Openshift
  • modified gosu call to only execute if running as user "root"
  • cleared "apt" temporary data on every docker layer of final image#
  • update supervisord logging to only write to stdout and not files anymore

as said - this image will work with RedHat OpenShift too.

@ludomikula
Copy link
Collaborator

Thank you very much for work on this!

@FalkWolsky FalkWolsky merged commit f21c70f into lowcoder-org:dev May 3, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FalkWolsky FalkWolsky FalkWolsky left review comments

@ludomikula ludomikula ludomikula approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sseide @ludomikula @FalkWolsky