[Feature Request] Support for OpenShift

[hishamanver]

Is your feature request related to a problem? Please describe.

I attempted to deploy temporal via helm (https://github.com/temporalio/helm-charts/tree/main) onto an openshift cluster.

Ran into issues running the temporal server and temporal ui containers on openshift due to security constraints (running on openshift - https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids)

Identified the root cause to be the following sections:

• server issue Install testing #1 - added to issue - [Feature Request] Support for OpenShift helm-charts#558
• server issue Refine linting and testing #2 - added to issue: [Feature Request] Support for OpenShift docker-builds#241
• ui - https://github.com/temporalio/ui-server/blob/main/Dockerfile#L32

Essentially what we are observing is openshift enforces specific UID and GID for the running containers that do not match the predefined values in the image definition and therefore fail with the following error:

2024/09/13 06:29:11 unable to create open ./config/docker.yaml: permission denied

Describe the solution you'd like

Dockerfile definition should not pin specific UIDs for non root user enforcement, but instead ensure that all directories that are required for functionality have sufficient privileges.

Describe alternatives you've considered

To get around this issue the following Dockerfile was used and confirmed to work

FROM temporalio/ui:2.30.3

RUN chmod o+w /home/ui-server/config

[naaa760]

Hello @hishamanver

I suggest you to improving Temporal deployment on OpenShift by adding user-customizable UID and GID fields in the Helm chart. startup script in the Dockerfile should change permissions on necessary directories based on the provided UID and GID. and i think the community feedback is welcome to refine this idea.