[RTFACT-15224] Running Artifactory docker container without root access Created: 26/Oct/17  Updated: 14/Sep/18  Resolved: 30/Jul/18

Status: Resolved
Project: Artifactory Binary Repository
Component/s: Docker
Affects Version/s: None
Fix Version/s: 6.2.0

Type: Bug Priority: Normal
Reporter: Ankush Chadha Assignee: Gal Ben Ami
Resolution: Fixed Votes: 2
Labels: artifactory, docker

Issue Links:
relates to RTFACT-15748 entrypoint-artifactory.sh docker scri... Open
triggered RTFACT-17335 Artifactory in Docker cannot start wi... Resolved


Artifactory Docker container currently starts the entrypoint as root, which eventually runs artifactory.sh as user artifactory.
This needs to change, so the entrypoint will be triggered as artifactory user.
Move all functionality that needs root to Docker build time. Any run time issues should result in a graceful error message and termination of the container.

[OpenShift] Getting useradd error because OpenShift discourages running docker images as root. Need to add user to each OpenShift project. The fix is to remove the useradd in the docker images. Useradd in docker image is to start artifactory with artifactory:artifactory.

The following functionalities need to move out from the entrypoint the to Dockerfile:

  • Creating artifactory user
  • Chown on the data dir (will be replaced by an error)

Comment by Ankush Chadha [ 06/Nov/17 ]

This should be fixed though not a release blocker from OpenShift perspective. We will move this ticket from the soldev queue to the Artifactory queue. DevOps and Artifactory teams should work on this. For additional details, reach out to Eldad.

Generated at Fri Jun 05 23:27:26 UTC 2020 using Jira 8.5.3#805003-sha1:b4933e02eaff29a49114274fe59e1f99d9d963d7.