Operate shows AccessDeniedException on startup
McAlm opened this issue · 4 comments
With the latest release 8.3.0 Operate shows an AccessDeniedException on startup.
`2023-10-16 17:54:23 2023-10-16 15:54:23.279 WARN 7 --- [ main] i.c.o.z.PartitionHolder : Error occurred when requesting partition ids from Zeebe client: null
....
2023-10-16 17:54:23 Caused by: io.grpc.StatusRuntimeException: CANCELLED
...
2023-10-16 17:54:23 Caused by: java.nio.file.AccessDeniedException: /usr/local/operate/.camunda
...
2023-10-16 17:54:23 2023-10-16 15:54:23.289 INFO 7 --- [ main] i.c.o.z.PartitionHolder : Partition ids can't be fetched from Zeebe. Try next round (1).
`
It seems to me the cause of this originates from the ownership/permission setup of /usr/local/operate folder in the original docker image. The folder is owned by root, but Operate is run with a non-root user, blocking it from creating the dir. Can you confirm @jessesimpson36 ? I think you already identified that during our pairing on the helm chart last Friday?
Then we would need to fix that in the Dockerfile of Operate.
Here is a related forum thread about this same error: https://forum.camunda.io/t/camunda-8-self-managed-multitenancy/48116/17?u=nathan.loding
Just reproduced the error and yeah I think the operate Dockerfile needs to be updated. Theres a temporary fix I can do in the compose file, I think. I'll try to take a look at it tomorrow.