Chapter 4. Configuring readOnlyRootFilesystem in Red Hat Developer Hub


The Red Hat Developer Hub deployment consists of two containers: an initContainer that installs the Dynamic Plugins, and a backend container that runs the application. The initContainer has the readOnlyRootFilesystem option enabled by default. To enable this option on the backend container, you must either have permission to deploy resources through Helm or to create or update a CR for Operator-backed deployments. You can manually configure the readOnlyRootFilesystem option on the backend container by using the following methods:

  • The Red Hat Developer Hub Operator
  • The Red Hat Developer Hub Helm chart

When you are deploying Developer Hub using the Operator, you must specify a patch for the deployment in your Backstage custom resource (CR) that applies the readOnlyRootFilesystem option to the securityContext section in the Developer Hub backend container.

Procedure

  1. In your Backstage CR, add the securityContext specification. For example:

    spec:
      deployment:
        patch:
          spec:
            template:
              spec:
                containers:
                  - name: backstage-backend 
    1
    
                    securityContext:
                      readOnlyRootFilesystem: true
    Copy to Clipboard Toggle word wrap
    1
    Name of the main container defined in the Operator default configuration.

Procedure

  1. In your values.yaml file, add the readOnlyRootFilesystem: true line to the containerSecurityContext section. For example:

    upstream:
      backstage:
        containerSecurityContext:
          readOnlyRootFilesystem: true
    Copy to Clipboard Toggle word wrap
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat