Cannot run temporal services as non-root user in kubernetes

We have restrictions in our enterprise k8s environment that block running containers as the root user. Kubernetes also recommends running containers as a non-root user - 11 Ways (Not) to Get Hacked | Kubernetes

Starting temporal containers (using the helm chart from the temporal helm chart repo) as a non-root user throws the below permission error:

  • dockerize -template /etc/temporal/config/config_template.yaml:/etc/temporal/config/docker.yaml
    2021/02/04 14:28:48 unable to create open /etc/temporal/config/docker.yaml: permission denied

Currently, I have worked around this by creating a custom image that gives a non-root user permission to the /etc/temporal/ dir.

Can we update the Dockerfile and helm chart to run temporal services as a non-root user by default?

Hi Siva,

Can you create a GitHub issue for this?

Done - Cannot run temporal services as non-root user in kubernetes · Issue #1263 · temporalio/temporal · GitHub. Thanks!
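
A sketch of the custom-image workaround described in the first post, added here as an example and not taken from the poster's image or the Temporal project's Dockerfile. Assumptions: the base image reference is passed in as the hypothetical build argument BASE_IMAGE, UID 1000 is an arbitrary non-root choice, and group 0 is used so that any non-root UID running with that group can write.

```dockerfile
# Added example: derive an image whose config directory is writable by a
# non-root user, so the startup step that renders
# /etc/temporal/config/docker.yaml no longer fails with "permission denied".

# BASE_IMAGE is a hypothetical build argument; supply the Temporal server
# image you already deploy, e.g. --build-arg BASE_IMAGE=<registry>/<image>:<tag>
ARG BASE_IMAGE
FROM ${BASE_IMAGE}

# Root is needed only at build time, to change ownership and mode bits.
USER root

# dockerize creates docker.yaml next to config_template.yaml at container
# start, so the runtime user needs write access to the directory itself,
# not only to existing files. Giving group 0 the same bits as the owner
# keeps this working when the cluster assigns a different non-root UID.
RUN chgrp -R 0 /etc/temporal \
 && chmod -R g=u /etc/temporal

# Numeric UID (assumed value) with group 0. A numeric UID lets the kubelet
# verify a runAsNonRoot: true policy; a user name alone cannot be verified.
USER 1000:0
```

The pod's securityContext still has to match: runAsNonRoot: true, and if runAsUser is set there it overrides the UID chosen in the image.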