@@ -57,9 +57,10 @@ URL as a secret. Additionally, if accessing Coder over a hostname, set the `CODE
5757value.
5858
5959By default, Coder creates the cache directory in` /home/coder/.cache ` . Given the
60- OpenShift-provided UID, the Coder container does not have permission to write to
61- this directory. To fix this, set the` CODER_CACHE_DIRECTORY ` environment variable
62- to` /tmp/coder-cache ` .
60+ OpenShift-provided UID and` readOnlyRootFS ` security context constraint, the Coder
61+ container does not have permission to write to this directory.
62+ To fix this, you can mount a temporary volume in the pod and set
63+ the` CODER_CACHE_DIRECTORY ` environment variable to that location.
6364
6465Additionally, create the Coder service as a` ClusterIP ` . In the next step,
6566you will create an OpenShift route that points to the service HTTP target port.
7071type :ClusterIP
7172env :
7273 -name :CODER_CACHE_DIRECTORY
73- value :/tmp/coder- cache
74+ value :/cache
7475 -name :CODER_PG_CONNECTION_URL
7576valueFrom :
7677secretKeyRef :
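Review bot: The reworded paragraph at new lines 60-63 calls the setting `readOnlyRootFS`, but the values example in this same file spells the field `readOnlyRootFilesystem`, so a reader searching for the name in the prose will not find it in the YAML. Suggest using the exact field name. The prose also says to set `CODER_CACHE_DIRECTORY` "to that location" without naming it, while the example now hard-codes `value: /cache`; naming `/cache` in the sentence, or saying that the value must equal the volume's `mountPath`, would make the dependency between the two settings explicit.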
@@ -82,7 +83,15 @@ coder:
8283runAsNonRoot :true
8384runAsUser :<project-specific UID>
8485runAsGroup :<project-specific GID>
85- readOnlyRootFilesystem :false
86+ readOnlyRootFilesystem :true
87+ volumes :
88+ -name :" cache"
89+ emptyDir :
90+ sizeLimit :500Mi
91+ volumeMounts :
92+ -name :" cache"
93+ mountPath :" /cache"
94+ readOnly :false
8695` ` `
8796
8897> Note: OpenShift provides a Developer Catalog offering you can use to
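Review bot: The `emptyDir` added at new lines 88-90 carries `sizeLimit: 500Mi` with no explanation, and the kubelet evicts a pod whose emptyDir usage exceeds its limit, so a cache that grows past 500Mi gets the Coder pod evicted. Suggest a sentence on how the value was chosen and that it should be sized for the deployment. Because `readOnlyRootFilesystem` changes to `true` in the same hunk and the previous cache path was under `/tmp`, it is worth confirming that nothing else in the container writes outside `/cache`, and documenting any further writable mounts if it does. `readOnly: false` on the volume mount is the default and can be dropped.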