I'm trying to run pgadmin in a Kubernetes cluster with enforced Pod Security Policies. Long story short, in the cluster, none of the Linux capabilities are allowed.
So the entrypoint.sh fails at startup time, as soon as it invokes the python executable:
/entrypoint.sh: line 70: /venv/bin/python3: Operation not permitted
I removed this requirement creating a new Docker image with the following definition:
FROM dpage/pgadmin4:5.5 USER root RUN setcap -r /usr/bin/python3.8 USER pgadmin
And then it boots without problem (using the 5050 port).
Do you think it makes sense to modify the main Dockerfile to avoid this problem?
If we do that, then we break the container for anyone who is using a privileged port for the server (e.g. everyone using default settings). I don't see how we could introduce such a change without causing problems for such users.
Is there any other workaround that doesn't require creating a new image?