Channels
announcements
ask-marvin
best-practices-coordination-plane
data-ecosystem
data-tricks-and-tips
events
find-a-prefect-job
geo-bay-area
geo-berlin
geo-boston
geo-chicago
geo-colorado
geo-dc
geo-israel
geo-japan
geo-london
geo-nyc
geo-seattle
geo-texas
gratitude
introductions
marvin-in-the-wild
pacc-clearcover-june-12-2023
pacc-may-31-2023
ppcc-may-16-2023
prefect-ai
prefect-aws
prefect-azure
prefect-cloud
prefect-community
prefect-contributors
prefect-dbt
prefect-docker
prefect-gcp
prefect-getting-started
prefect-integrations
prefect-kubernetes
prefect-recipes
prefect-server
prefect-ui
random
show-us-what-you-got
Title
j
Jeff Brainerd
03/11/2020, 3:14 PMHey Prefect team, would like to upvote the issue to provide ability to run prefect flow container as non-root. This is definitely a problem for us.
https://github.com/PrefectHQ/prefect/issues/2025
Does anyone have a workaround?
c
Chris White
03/11/2020, 4:02 PMHey @Jeff Brainerd! The other user that experienced this ended up doing the following for now:
We got this to work by setting chmod for group 0 on /.prefect and /root/.prefect/flows directoriesWe can re-prioritize the issue for you as well 👍
j
Jeff Brainerd
03/11/2020, 4:03 PMthanks! will try that
👍 1
s
Scott Zelenka
03/13/2020, 2:35 PM@Jeff Brainerd here's the Dockerfile we used to get this to run as non-root in OpenShift:
ARG PREFECT_VERSION
ARG PYTHON_VERSION
FROM prefecthq/prefect:${PREFECT_VERSION}-python${PYTHON_VERSION}
#=====
# setup /etc/passwd for 'root' group access
#=====
RUN mkdir -p /.prefect /root/.prefect/flows \
&& chgrp -R 0 \
/etc/passwd \
/run \
/.prefect \
/root/.prefect \
&& chmod -R g+rwX \
/etc/passwd \
/run \
/.prefect \
/root/.prefect \
&& chmod 770 \
/etc/passwdj
Jeff Brainerd
03/13/2020, 2:58 PMNice, thank you for sharing!