starred/hoppscotch
1
0
Fork 0
mirror of https://github.com/hoppscotch/hoppscotch.git synced 2026-04-26 01:06:00 +03:00
Code Issues 711 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #4291] [bug]: Installation error under OpenShift #1562

New issue
Closed
opened 2026-03-16 20:50:59 +03:00 by kerem · 12 comments
kerem commented 2026-03-16 20:50:59 +03:00
Owner
Copy link

Originally created by @cyberjpb1 on GitHub (Aug 23, 2024).
Original GitHub issue: https://github.com/hoppscotch/hoppscotch/issues/4291

Is there an existing issue for this?

  • I have searched the existing issues

Current behavior

When I try to install the container image (hoppscotch/hoppscotch) under OpenShift, I get the following error:

node:fs:596
handleErrorFromBinding(ctx);
^
Error: EACCES: permission denied, open 'build.env'
at Object.openSync (node:fs:596:3)
at Object.writeFileSync (node:fs:2322:35)
at file:///usr/src/app/aio_run.mjs:46:4
at ModuleJob.run (node:internal/modules/esm/module_job:195:25)
at async ModuleLoader.import (node:internal/modules/esm/loader:336:24)
at async loadESM (node:internal/process/esm_loader:34:7)
at async handleMainPromise (node:internal/modules/run_main:106:12) {
errno: -13,
syscall: 'open',
code: 'EACCES',
path: 'build.env'
}
Node.js v18.19.0

Steps to reproduce

oc new-project hoppscotch
oc new-app hoppscotch/hoppscotch

Environment

Production

Version

Self-hosted

Originally created by @cyberjpb1 on GitHub (Aug 23, 2024). Original GitHub issue: https://github.com/hoppscotch/hoppscotch/issues/4291 ### Is there an existing issue for this? - [X] I have searched the existing issues ### Current behavior When I try to install the container image (hoppscotch/hoppscotch) under OpenShift, I get the following error: node:fs:596 handleErrorFromBinding(ctx); ^ Error: EACCES: permission denied, open 'build.env' at Object.openSync (node:fs:596:3) at Object.writeFileSync (node:fs:2322:35) at file:///usr/src/app/aio_run.mjs:46:4 at ModuleJob.run (node:internal/modules/esm/module_job:195:25) at async ModuleLoader.import (node:internal/modules/esm/loader:336:24) at async loadESM (node:internal/process/esm_loader:34:7) at async handleMainPromise (node:internal/modules/run_main:106:12) { errno: -13, syscall: 'open', code: 'EACCES', path: 'build.env' } Node.js v18.19.0 ### Steps to reproduce oc new-project hoppscotch oc new-app hoppscotch/hoppscotch ### Environment Production ### Version Self-hosted
kerem 2026-03-16 20:50:59 +03:00
kerem commented 2026-03-16 20:51:15 +03:00
Author
Owner
Copy link

@AndrewBastin commented on GitHub (Aug 24, 2024):

@cyberjpb1 Can you confirm this issue is present with 2024.7.2 ?

<!-- gh-comment-id:2307959578 --> @AndrewBastin commented on GitHub (Aug 24, 2024): @cyberjpb1 Can you confirm this issue is present with 2024.7.2 ?
kerem commented 2026-03-16 20:51:20 +03:00
Author
Owner
Copy link

@cyberjpb1 commented on GitHub (Aug 24, 2024):

@AndrewBastin Yes, I confirm this issue is present with 2024.7.2 version.
Here is the error message :

node:fs:2368
return binding.writeFileUtf8(
^
Error: EACCES: permission denied, open 'build.env'
at Object.writeFileSync (node:fs:2368:20)
at file:///usr/src/app/aio_run.mjs:46:4
at ModuleJob.run (node:internal/modules/esm/module_job:234:25)
at async ModuleLoader.import (node:internal/modules/esm/loader:473:24)
at async asyncRunEntryPointWithESMLoader (node:internal/modules/run_main:123:5) {
errno: -13,
code: 'EACCES',
syscall: 'open',
path: 'build.env'
}
Node.js v20.17.0

<!-- gh-comment-id:2307976339 --> @cyberjpb1 commented on GitHub (Aug 24, 2024): @AndrewBastin Yes, I confirm this issue is present with 2024.7.2 version. Here is the error message : node:fs:2368 return binding.writeFileUtf8( ^ Error: EACCES: permission denied, open 'build.env' at Object.writeFileSync (node:fs:2368:20) at file:///usr/src/app/aio_run.mjs:46:4 at ModuleJob.run (node:internal/modules/esm/module_job:234:25) at async ModuleLoader.import (node:internal/modules/esm/loader:473:24) at async asyncRunEntryPointWithESMLoader (node:internal/modules/run_main:123:5) { errno: -13, code: 'EACCES', syscall: 'open', path: 'build.env' } Node.js v20.17.0
kerem commented 2026-03-16 20:51:25 +03:00
Author
Owner
Copy link

@cyberjpb1 commented on GitHub (Sep 19, 2024):

It seems that in the container image, an attempt is made to write a file to a folder that is not allowed by default because under OpenShift the pod never runs as root.

Do you have any suggestion for a solution?

<!-- gh-comment-id:2361891251 --> @cyberjpb1 commented on GitHub (Sep 19, 2024): It seems that in the container image, an attempt is made to write a file to a folder that is not allowed by default because under OpenShift the pod never runs as root. Do you have any suggestion for a solution?
kerem commented 2026-03-16 20:51:30 +03:00
Author
Owner
Copy link

@AndrewBastin commented on GitHub (Sep 19, 2024):

@cyberjpb1 along with the issue of the folder, another issue we are dealing with is that we are using port 80 within the container as the port through which users can interact with the container.

We are planning on introducing a new environment variable named ROOTLESS which when set will introduce an alternate port and this should make it more friendly for rootless systems like Podman and OpenShift.

You can expect this to be done on the release which should be out by the end of the month.

<!-- gh-comment-id:2361925234 --> @AndrewBastin commented on GitHub (Sep 19, 2024): @cyberjpb1 along with the issue of the folder, another issue we are dealing with is that we are using port 80 within the container as the port through which users can interact with the container. We are planning on introducing a new environment variable named `ROOTLESS` which when set will introduce an alternate port and this should make it more friendly for rootless systems like Podman and OpenShift. You can expect this to be done on the release which should be out by the end of the month.
kerem commented 2026-03-16 20:51:35 +03:00
Author
Owner
Copy link

@cyberjpb1 commented on GitHub (Sep 19, 2024):

@AndrewBastin Thanks for the information, it is much appreciated.

<!-- gh-comment-id:2361933672 --> @cyberjpb1 commented on GitHub (Sep 19, 2024): @AndrewBastin Thanks for the information, it is much appreciated.
kerem commented 2026-03-16 20:51:40 +03:00
Author
Owner
Copy link

@szymek07 commented on GitHub (Nov 20, 2024):

@AndrewBastin there is any update about running on OpenShift?

<!-- gh-comment-id:2488477506 --> @szymek07 commented on GitHub (Nov 20, 2024): @AndrewBastin there is any update about running on OpenShift?
kerem commented 2026-03-16 20:51:45 +03:00
Author
Owner
Copy link

@cyberjpb1 commented on GitHub (Nov 20, 2024):

@szymek07 I tried the latest version of the image (hopscotch/hoppscotch:2024.10.2) and I still have the same error.

<!-- gh-comment-id:2489264842 --> @cyberjpb1 commented on GitHub (Nov 20, 2024): @szymek07 I tried the latest version of the image (hopscotch/hoppscotch:2024.10.2) and I still have the same error.
kerem commented 2026-03-16 20:51:51 +03:00
Author
Owner
Copy link

@cyberjpb1 commented on GitHub (Dec 30, 2024):

@liyasthomas You have released several versions since this bug was reported. Will you be providing a fix soon or is this not a priority for you?

node:fs:2367
return binding.writeFileUtf8(
^
Error: EACCES: permission denied, open 'build.env'
at Object.writeFileSync (node:fs:2367:20)
at file:///usr/src/app/aio_run.mjs:46:4
at ModuleJob.run (node:internal/modules/esm/module_job:234:25)
at async ModuleLoader.import (node:internal/modules/esm/loader:473:24)
at async asyncRunEntryPointWithESMLoader (node:internal/modules/run_main:122:5) {
errno: -13,
code: 'EACCES',
syscall: 'open',
path: 'build.env'
}
Node.js v20.18.1

<!-- gh-comment-id:2565904233 --> @cyberjpb1 commented on GitHub (Dec 30, 2024): @liyasthomas You have released several versions since this bug was reported. Will you be providing a fix soon or is this not a priority for you? node:fs:2367 return binding.writeFileUtf8( ^ Error: EACCES: permission denied, open 'build.env' at Object.writeFileSync (node:fs:2367:20) at file:///usr/src/app/aio_run.mjs:46:4 at ModuleJob.run (node:internal/modules/esm/module_job:234:25) at async ModuleLoader.import (node:internal/modules/esm/loader:473:24) at async asyncRunEntryPointWithESMLoader (node:internal/modules/run_main:122:5) { errno: -13, code: 'EACCES', syscall: 'open', path: 'build.env' } Node.js v20.18.1
kerem commented 2026-03-16 20:51:56 +03:00
Author
Owner
Copy link

@turguns commented on GitHub (Apr 2, 2025):

Hi @cyberjpb1 @AndrewBastin @szymek07 @abraham @silentmatt
I encountered the same issue when trying to install the Hoppscotch container image on OpenShift. The error is caused by permission restrictions preventing access to build.env.

Solution
I resolved this by granting the anyuid security context constraint (SCC) to the Hoppscotch service account. Here’s the applied configuration:
`apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
labels:
app.kubernetes.io/instance: hoppscotch
name: hoppscotch-sa-anyuid
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:openshift:scc:anyuid
subjects:

  • kind: ServiceAccount
    name: hoppscotch-sa
    namespace: hoppscotch`

BTW. for me namespace name is hoppscotch..change it according to your naming

<!-- gh-comment-id:2771539619 --> @turguns commented on GitHub (Apr 2, 2025): Hi @cyberjpb1 @AndrewBastin @szymek07 @abraham @silentmatt I encountered the same issue when trying to install the Hoppscotch container image on OpenShift. The error is caused by permission restrictions preventing access to build.env. **Solution** I resolved this by granting the anyuid security context constraint (SCC) to the Hoppscotch service account. Here’s the applied configuration: `apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: labels: app.kubernetes.io/instance: hoppscotch name: hoppscotch-sa-anyuid roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:openshift:scc:anyuid subjects: - kind: ServiceAccount name: hoppscotch-sa namespace: hoppscotch` BTW. for me namespace name is hoppscotch..change it according to your naming
kerem commented 2026-03-16 20:52:01 +03:00
Author
Owner
Copy link

@cyberjpb1 commented on GitHub (Apr 6, 2025):

@turguns Thanks for your solution, it seems to work but I think that just installing from the image is not enough, I seem to be missing some environment variables.
How are you installing? Are you using a Helm Chart?

<!-- gh-comment-id:2781211593 --> @cyberjpb1 commented on GitHub (Apr 6, 2025): @turguns Thanks for your solution, it seems to work but I think that just installing from the image is not enough, I seem to be missing some environment variables. How are you installing? Are you using a Helm Chart?
kerem commented 2026-03-16 20:52:06 +03:00
Author
Owner
Copy link

@turguns commented on GitHub (Apr 6, 2025):

@cyberjpb1 I'm not using Helm, just plain deployment files. I'm sharing all the files. For the database, we're using CloudNativePG, and the manifest files for the database are coming from there.

---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
  name: postgres-hoppscotch
  namespace: hoppscotch
spec:
  backup:
    barmanObjectStore:
      data:
        compression: gzip
      destinationPath: 's3://hoppscotch-postgres-backup/'
      endpointURL: 'http://nas01.example.com:9001/'
      s3Credentials:
        accessKeyId:
          key: ACCESS_KEY_ID
          name: s3-backup-credential
        secretAccessKey:
          key: ACCESS_SECRET_KEY
          name: s3-backup-credential
      wal:
        compression: gzip
    retentionPolicy: 5d
  imageName: 'ghcr.io/cloudnative-pg/postgresql:16.1'
  enableSuperuserAccess: true
  monitoring:
    customQueriesConfigMap:
      - key: queries
        name: cnpg-default-monitoring
    disableDefaultQueries: false
    enablePodMonitor: true
  affinity:
    enablePodAntiAffinity: true
    podAntiAffinityType: preferred
    topologyKey: topology.kubernetes.io/zone
  maxSyncReplicas: 1
  minSyncReplicas: 1
  enablePDB: true
  bootstrap:
    initdb:
      database: hoppscotch
      owner: user
      secret:
        name: postgres-hoppscotch
  failoverDelay: 0
  postgresql:
    parameters:
     max_wal_size: 2GB
     max_connections: '2000'
     wal_keep_size: 128MB
  postgresUID: 26
  walStorage:
    resizeInUseVolumes: true
    size: 5Gi
    storageClass: csi-vmware-block
  switchoverDelay: 3600
  storage:
    resizeInUseVolumes: true
    size: 10Gi
    storageClass: csi-vmware-block
  primaryUpdateStrategy: unsupervised
  instances: 3
---
kind: Secret
apiVersion: v1
metadata:
  name: postgres-hoppscotch
  namespace: hoppscotch
data:
  database-connection-string: postgresql://user:password@postgres-hoppscotch-rw:5432/hoppscotch ##Conver value to Base64 format
  dbname: hoppscotch ##Conver value to Base64 format
  host: postgres-hoppscotch-rw ##Conver value to Base64 format
  password: password ##Conver value to Base64 format
  port: 5432 ##Conver value to Base64 format
  username: user##Conver value to Base64 format
type: Opaque 
---
apiVersion: postgresql.cnpg.io/v1
kind: ScheduledBackup
metadata:
  name: hoppscotch-postgres-backup
spec:
  backupOwnerReference: cluster
  cluster:
    name: postgres-hoppscotch
  immediate: true
  method: barmanObjectStore
  schedule: 0 0 0 * * *
  suspend: false
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: hoppscotch
  namespace: hoppscotch
  labels:
    app: hoppscotch
    app.kubernetes.io/component: hoppscotch
    app.kubernetes.io/instance: hoppscotch
spec:
  replicas: 1
  selector:
    matchLabels:
      deployment: hoppscotch
  template:
    metadata:
      creationTimestamp: null
      labels:
        deployment: hoppscotch
    spec:
      restartPolicy: Always
      initContainers:
        - resources: {}
          terminationMessagePath: /dev/termination-log
          name: init-container
          command:
            - /bin/sh
          env:
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: postgres-hoppscotch
                  key: database-connection-string
          imagePullPolicy: IfNotPresent
          terminationMessagePolicy: File
          image: 'hoppscotch/hoppscotch:2025.2.0'
          args:
            - '-c'
            - pnpm dlx prisma migrate deploy
      serviceAccountName: hoppscotch-sa
      schedulerName: default-scheduler
      terminationGracePeriodSeconds: 30
      securityContext: {}
      containers:
        - resources:
            requests:
              cpu: 100m
              memory: 120Mi
          terminationMessagePath: /dev/termination-log
          name: hoppscotch
          env:
            - name: VITE_ALLOWED_AUTH_PROVIDERS
              value: MICROSOFT
            - name: WHITELISTED_ORIGINS
              value: 'https://admin-hoppscotch.apps.example.com,https://frontend-hoppscotch.apps.example.com,https://backend-hoppscotch.apps.example.com'
            - name: REDIRECT_URL
              value: 'https://frontend-hoppscotch.apps.example.com'
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: postgres-hoppscotch
                  key: database-connection-string
            - name: ACCESS_TOKEN_VALIDITY
              value: '2592000000'
            - name: VITE_BACKEND_GQL_URL
              value: 'https://backend-hoppscotch.apps.example.com/graphql'
            - name: VITE_BACKEND_WS_URL
              value: 'ws://backend-hoppscotch.apps.example.com/graphql'
            - name: VITE_BACKEND_API_URL
              value: 'https://backend-hoppscotch.apps.example.com/v1'
            - name: VITE_BASE_URL
              value: 'https://frontend-hoppscotch.apps.example.com'
            - name: VITE_SHORTCODE_BASE_URL
              value: 'https://frontend-hoppscotch.apps.example.com'
            - name: VITE_ADMIN_URL
              value: 'https://admin-hoppscotch.apps.example.com'
            - name: TOKEN_SALT_COMPLEXITY
              value: '10'
            - name: MAGIC_LINK_TOKEN_VALIDITY
              value: '3'
            - name: REFRESH_TOKEN_VALIDITY
              value: '604800000'
            - name: MICROSOFT_CALLBACK_URL
              value: 'https://backend-hoppscotch.apps.example.com/v1/auth/microsoft/callback'
            - name: MICROSOFT_SCOPE
              value: user.read
          ports:
            - containerPort: 3000
              protocol: TCP
            - containerPort: 3100
              protocol: TCP
            - containerPort: 3170
              protocol: TCP
            - containerPort: 80
              protocol: TCP
          imagePullPolicy: IfNotPresent
          terminationMessagePolicy: File
          envFrom:
            - secretRef:
                name: hoppscotch-config
          image: 'hoppscotch/hoppscotch:2025.2.0'
      serviceAccount: hoppscotch-sa
      dnsPolicy: ClusterFirst
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 25%
      maxSurge: 25%
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600
---
kind: ServiceAccount
apiVersion: v1
metadata:
  name: hoppscotch-sa
  namespace: hoppscotch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: hoppscotch-sa-anyuid
subjects:
  - kind: ServiceAccount
    name: hoppscotch-sa
    namespace: hoppscotch
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: 'system:openshift:scc:anyuid'
---
kind: Service
apiVersion: v1
metadata:
  name: hoppscotch
  namespace: hoppscotch
spec:
  ports:
    - name: 80-tcp
      protocol: TCP
      port: 80
      targetPort: 80
    - name: 3000-tcp
      protocol: TCP
      port: 3000
      targetPort: 3000
    - name: 3100-tcp
      protocol: TCP
      port: 3100
      targetPort: 3100
    - name: 3170-tcp
      protocol: TCP
      port: 3170
      targetPort: 3170
  internalTrafficPolicy: Cluster
  selector:
    deployment: hoppscotch
---
---
kind: Route
apiVersion: route.openshift.io/v1
metadata:
  name: hoppscotch-admin
  namespace: hoppscotch
spec:
  host: admin-hoppscotch.apps.example.com
  path: /
  to:
    kind: Service
    name: hoppscotch
    weight: 100
  port:
    targetPort: 3100-tcp
  tls:
    termination: edge
  wildcardPolicy: None
---
kind: Route
apiVersion: route.openshift.io/v1
metadata:
  name: hoppscotch-backend
  namespace: hoppscotch
spec:
  host: backend-hoppscotch.apps.example.com
  path: /
  to:
    kind: Service
    name: hoppscotch
    weight: 100
  port:
    targetPort: 3170-tcp
  tls:
    termination: edge
  wildcardPolicy: None
---
kind: Route
apiVersion: route.openshift.io/v1
metadata:
  name: hoppscotch-frontend
  namespace: hoppscotch
spec:
  host: frontend-hoppscotch.apps.example.com
  path: /
  to:
    kind: Service
    name: hoppscotch
    weight: 100
  port:
    targetPort: 3000-tcp
  tls:
    termination: edge
  wildcardPolicy: None
<!-- gh-comment-id:2781303371 --> @turguns commented on GitHub (Apr 6, 2025): @cyberjpb1 I'm not using Helm, just plain deployment files. I'm sharing all the files. For the database, we're using CloudNativePG, and the manifest files for the database are coming from there. ``` --- apiVersion: postgresql.cnpg.io/v1 kind: Cluster metadata: name: postgres-hoppscotch namespace: hoppscotch spec: backup: barmanObjectStore: data: compression: gzip destinationPath: 's3://hoppscotch-postgres-backup/' endpointURL: 'http://nas01.example.com:9001/' s3Credentials: accessKeyId: key: ACCESS_KEY_ID name: s3-backup-credential secretAccessKey: key: ACCESS_SECRET_KEY name: s3-backup-credential wal: compression: gzip retentionPolicy: 5d imageName: 'ghcr.io/cloudnative-pg/postgresql:16.1' enableSuperuserAccess: true monitoring: customQueriesConfigMap: - key: queries name: cnpg-default-monitoring disableDefaultQueries: false enablePodMonitor: true affinity: enablePodAntiAffinity: true podAntiAffinityType: preferred topologyKey: topology.kubernetes.io/zone maxSyncReplicas: 1 minSyncReplicas: 1 enablePDB: true bootstrap: initdb: database: hoppscotch owner: user secret: name: postgres-hoppscotch failoverDelay: 0 postgresql: parameters: max_wal_size: 2GB max_connections: '2000' wal_keep_size: 128MB postgresUID: 26 walStorage: resizeInUseVolumes: true size: 5Gi storageClass: csi-vmware-block switchoverDelay: 3600 storage: resizeInUseVolumes: true size: 10Gi storageClass: csi-vmware-block primaryUpdateStrategy: unsupervised instances: 3 --- kind: Secret apiVersion: v1 metadata: name: postgres-hoppscotch namespace: hoppscotch data: database-connection-string: postgresql://user:password@postgres-hoppscotch-rw:5432/hoppscotch ##Conver value to Base64 format dbname: hoppscotch ##Conver value to Base64 format host: postgres-hoppscotch-rw ##Conver value to Base64 format password: password ##Conver value to Base64 format port: 5432 ##Conver value to Base64 format username: user##Conver value to Base64 format type: Opaque --- apiVersion: postgresql.cnpg.io/v1 kind: ScheduledBackup metadata: name: hoppscotch-postgres-backup spec: backupOwnerReference: cluster cluster: name: postgres-hoppscotch immediate: true method: barmanObjectStore schedule: 0 0 0 * * * suspend: false --- kind: Deployment apiVersion: apps/v1 metadata: name: hoppscotch namespace: hoppscotch labels: app: hoppscotch app.kubernetes.io/component: hoppscotch app.kubernetes.io/instance: hoppscotch spec: replicas: 1 selector: matchLabels: deployment: hoppscotch template: metadata: creationTimestamp: null labels: deployment: hoppscotch spec: restartPolicy: Always initContainers: - resources: {} terminationMessagePath: /dev/termination-log name: init-container command: - /bin/sh env: - name: DATABASE_URL valueFrom: secretKeyRef: name: postgres-hoppscotch key: database-connection-string imagePullPolicy: IfNotPresent terminationMessagePolicy: File image: 'hoppscotch/hoppscotch:2025.2.0' args: - '-c' - pnpm dlx prisma migrate deploy serviceAccountName: hoppscotch-sa schedulerName: default-scheduler terminationGracePeriodSeconds: 30 securityContext: {} containers: - resources: requests: cpu: 100m memory: 120Mi terminationMessagePath: /dev/termination-log name: hoppscotch env: - name: VITE_ALLOWED_AUTH_PROVIDERS value: MICROSOFT - name: WHITELISTED_ORIGINS value: 'https://admin-hoppscotch.apps.example.com,https://frontend-hoppscotch.apps.example.com,https://backend-hoppscotch.apps.example.com' - name: REDIRECT_URL value: 'https://frontend-hoppscotch.apps.example.com' - name: DATABASE_URL valueFrom: secretKeyRef: name: postgres-hoppscotch key: database-connection-string - name: ACCESS_TOKEN_VALIDITY value: '2592000000' - name: VITE_BACKEND_GQL_URL value: 'https://backend-hoppscotch.apps.example.com/graphql' - name: VITE_BACKEND_WS_URL value: 'ws://backend-hoppscotch.apps.example.com/graphql' - name: VITE_BACKEND_API_URL value: 'https://backend-hoppscotch.apps.example.com/v1' - name: VITE_BASE_URL value: 'https://frontend-hoppscotch.apps.example.com' - name: VITE_SHORTCODE_BASE_URL value: 'https://frontend-hoppscotch.apps.example.com' - name: VITE_ADMIN_URL value: 'https://admin-hoppscotch.apps.example.com' - name: TOKEN_SALT_COMPLEXITY value: '10' - name: MAGIC_LINK_TOKEN_VALIDITY value: '3' - name: REFRESH_TOKEN_VALIDITY value: '604800000' - name: MICROSOFT_CALLBACK_URL value: 'https://backend-hoppscotch.apps.example.com/v1/auth/microsoft/callback' - name: MICROSOFT_SCOPE value: user.read ports: - containerPort: 3000 protocol: TCP - containerPort: 3100 protocol: TCP - containerPort: 3170 protocol: TCP - containerPort: 80 protocol: TCP imagePullPolicy: IfNotPresent terminationMessagePolicy: File envFrom: - secretRef: name: hoppscotch-config image: 'hoppscotch/hoppscotch:2025.2.0' serviceAccount: hoppscotch-sa dnsPolicy: ClusterFirst strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 25% maxSurge: 25% revisionHistoryLimit: 10 progressDeadlineSeconds: 600 --- kind: ServiceAccount apiVersion: v1 metadata: name: hoppscotch-sa namespace: hoppscotch --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: hoppscotch-sa-anyuid subjects: - kind: ServiceAccount name: hoppscotch-sa namespace: hoppscotch roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: 'system:openshift:scc:anyuid' --- kind: Service apiVersion: v1 metadata: name: hoppscotch namespace: hoppscotch spec: ports: - name: 80-tcp protocol: TCP port: 80 targetPort: 80 - name: 3000-tcp protocol: TCP port: 3000 targetPort: 3000 - name: 3100-tcp protocol: TCP port: 3100 targetPort: 3100 - name: 3170-tcp protocol: TCP port: 3170 targetPort: 3170 internalTrafficPolicy: Cluster selector: deployment: hoppscotch --- --- kind: Route apiVersion: route.openshift.io/v1 metadata: name: hoppscotch-admin namespace: hoppscotch spec: host: admin-hoppscotch.apps.example.com path: / to: kind: Service name: hoppscotch weight: 100 port: targetPort: 3100-tcp tls: termination: edge wildcardPolicy: None --- kind: Route apiVersion: route.openshift.io/v1 metadata: name: hoppscotch-backend namespace: hoppscotch spec: host: backend-hoppscotch.apps.example.com path: / to: kind: Service name: hoppscotch weight: 100 port: targetPort: 3170-tcp tls: termination: edge wildcardPolicy: None --- kind: Route apiVersion: route.openshift.io/v1 metadata: name: hoppscotch-frontend namespace: hoppscotch spec: host: frontend-hoppscotch.apps.example.com path: / to: kind: Service name: hoppscotch weight: 100 port: targetPort: 3000-tcp tls: termination: edge wildcardPolicy: None ```
kerem commented 2026-03-16 20:52:11 +03:00
Author
Owner
Copy link

@cyberjpb1 commented on GitHub (Jul 1, 2025):

@turguns Thank you very much. With the information you provided and by adding the following environment variables, I was able to perform a working installation:
MICROSOFT_CLIENT_ID
MICROSOFT_CLIENT_SECRET
MICROSOFT_TENANT_ID
MICROSOFT_TENANT
DATA_ENCRYPTION_KEY
JWT_SECRET

I must say that I also had to perform a database migration.

<!-- gh-comment-id:3024439944 --> @cyberjpb1 commented on GitHub (Jul 1, 2025): @turguns Thank you very much. With the information you provided and by adding the following environment variables, I was able to perform a working installation: MICROSOFT_CLIENT_ID MICROSOFT_CLIENT_SECRET MICROSOFT_TENANT_ID MICROSOFT_TENANT DATA_ENCRYPTION_KEY JWT_SECRET I must say that I also had to perform a database migration.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
chore/security-fix-2026-4-0
next
fix/mockserver-env-set-url-priority
feat/rest-gql-merge
refactor/workspaces
fix/onboarding-mass-assignment
desktop-settings-phase-0-schema-bridge-shell
patch
test-webhook
pr/johnan319/5745
tembo/optimize-performance-db-queries
add-claude-github-actions-1772782423108
fix/code-scanning-103
fix/mock-server-example-endpoint-match-v2
fix/rate-limit-on-health-route
hotfix/api-doc-collection-deletetion
cd-test
fix/mock-server-backend-followup
chore/code-scanning-52
chore/verion-addition-check
nested-migrations
scripting-system-updates-worker-setup
scripting-system-updates
pr/shipko/4367
ci-test
feat/user-delete-condition
feat/user-workspace-stats-api
chore/collection-export-addition
fix/import-file-size-limit-flow
feat/dashboard-common
feat/sort-environment-alphabetically
feat/infra-config-encryption
refactor/team
feat/collection-duplicationn
feat/secure-cookies-toggle
pr/pavog/4195
pr/pavog/4196
test/patch-demo
feat/native-interceptor-updates
pr/AndrewBastin/4111
feat/user-last-active-on
fix/codemirror-large-text-scroll-bug
fix/precision-lost-beautify
fix/env-diff-test-schema-error
fix/email-case-sensitive
release/2024.3.3
refactor/workspace-login-conversion
feat/node-apline-version-upgrade
feat/seed
release/2024.3.2
fix/sh-email-handlebar-issue
feat/app-experiment-animation
release/2024.3.1
release/2024.3.0
pr/jamesgeorge007/3937
experiment/deploychan
feat/github-enterprise-auth
refactor/collection-search-query
hotfix/infra-config-reset-bug
fix/secret-var-bug
hotfix/full-text-search
hotfix/request-variable-version-syncing
feat/request-variable
feat/server-config-additional-properties
pr/JoelJacobStephen/3845
release/2023.12.6
fix/safari-codemirror-perf-bug
release/2023.12.5
release/2023.12.4
fix/secret-env-bugs-tooltip
release/2023.12.3
fix/shared-request-bug
fix/disable-context-menu-option
release/2023.12.2
release/2023.12.1
fix/shared-request-bugs
release/2023.12.0
fix/gql-history-schema
fix/actions-not-working-without-sidebar
pr/jamesgeorge007/3665
chore/desktop-app-corrections
fix/auth-headers-in-coll
fix/embed-url
improve/placeholder
add-realtime-logos
feat/shared-request-embeds
feat/collection-headers
revamp/header
release/2023.8.4
refactor/interceptor-error-display
feat/subpath-based-access
release/2023.8.3
feat/shared-requests
feat/desktop
fix/nodemailer-templates-issue
feature/upgrade-graphql-ws
fix/graphql-crashing
fix/set-environments-when-no-env-selected
refactor/pre-prisma-bump-setup
release/2023.8.2
pr/danitherex/3216
perf/raw-db-query
release/2023.8.1
revert-3348-perf/reduce-backend-calls
fix/incorrect-tab-count-close-all-tab
fix/duplicate-tab-bug
release/2023.8.0
hotfix/fetch-shortcode
fix/tab-right-click-rename-bug
chore/docker-fixes
pr/JoelJacobStephen/3178
feat/fe-accessible-auth-provider-env
feat-cherry-pick/conditional-auth-select
feat/conditional-auth-select
release/2023.4.8
fix/generate-sitemap-issue
test/backend-test-case
refactor/team-invitation
pr/AndrewBastin/3171
release/2023.4.7
fix/duplicate-team-invite
fix/unified-bg-color-coll-tree
fix/shortcode-screen-stuck
release/2023.4.6
revert-3117-patch-3
fix/env-selector-bg
fix/db-url
release/2023.4.4
fix/sync-popup-bug
fix/team-env-set-test
chore/wss-to-ws-on-env
fix/prettify-xml-response
feat/db-volume-addition
feat/env-selector-tabs-ui
bug/broken-env
release/2023.4.2
fix/switch-workspace-env-bug
fix/magic-link
fix/cookie-handler
HPS-OSS-1
staging
revert/auth-issue
feat/export-env
refactor/commons
reference/path-variables
orphan-pr/2243
feat/realtime-search
fix/save-override
refactor/strategies
feat/embeds
bug/withDefaults
feat/show-keys
refactor/toast
2026.3.1
2026.3.0
2026.2.1
2026.2.0
2026.1.1
2026.1.0
2025.12.1
2025.12.0
2025.11.2
2025.11.1
2025.11.0
2025.10.1
2025.10.0
2025.9.2
2025.9.1
2025.9.0
2025.8.1
2025.8.0
2025.7.1
2025.7.0
2025.6.1
2025.6.0
2025.5.4
2025.5.3
2025.5.2
2025.5.1
2025.5.0
2025.4.2
2025.4.1
2025.4.0
2025.3.2
2025.3.1
2025.3.0
2025.2.3
2025.2.2
2025.2.1
2025.2.0
2025.1.1
2025.1.0
2024.12.2
2024.12.1
2024.12.0
2024.11.0
2024.10.2
2024.10.1
2024.10.0
2024.9.3
2024.9.2
2024.9.1
2024.9.0
2024.8.3
2024.8.2
2024.8.1
2024.8.0
2024.7.2
2024.7.1
2024.7.0
2024.6.1
2024.6.0
2024.3.4
2024.3.3
2024.3.2
2024.3.1
2024.3.0
2023.12.6
2023.12.5
2023.12.4
2023.12.3
2023.12.2
2023.12.1
2023.12.0
2023.8.4
2023.8.3
2023.8.2
2023.8.1
2023.8.0
2023.4.8
2023.4.7
2023.4.6
2023.4.5
2023.4.4
2023.4.3
2023.4.2
2023.4.1
2023.4.0
v3.0.1
v3.0.0
v2.2.1
v2.2.0
v2.1.0
v2.0.0
v1.12.0
v1.10.0
v1.9.9
v1.9.7
v1.9.5
v1.9.0
v1.8.0
v1.5.0
v1.0.0
v0.1.0
Labels
Clear labels   
CodeDay

   
a11y

   
browser limited

   
bug

   
bug fix

   
cli

   
core

   
critical

   
design

   
desktop

   
discussion

   
docker

   
documentation

   
duplicate

   
enterprise

   
feature

   
feature

   
fosshack

   
future

   
good first issue

   
hacktoberfest

   
help wanted

   
i18n

   
invalid

   
major

   
minor

   
need information

   
need testing

   
not applicable to hoppscotch

   
not reproducible

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
refactor

   
resolved

   
sandbox

   
self-host

   
spam

   
stale

   
testmu

   
wip

   
wont fix
No labels
CodeDay
a11y
browser limited
bug
bug fix
cli
core
critical
design
desktop
discussion
docker
documentation
duplicate
enterprise
feature
feature
fosshack
future
good first issue
hacktoberfest
help wanted
i18n
invalid
major
minor
need information
need testing
not applicable to hoppscotch
not reproducible
pull-request
question
refactor
resolved
sandbox
self-host
spam
stale
testmu
wip
wont fix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/hoppscotch#1562
No description provided.