Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add observable-builder user and use /project #10

Merged
merged 7 commits into from
Sep 19, 2024
Merged

Add observable-builder user and use /project #10

merged 7 commits into from
Sep 19, 2024

Conversation

jessedearing
Copy link
Contributor

@jessedearing jessedearing commented Sep 16, 2024
edited
Loading

Adds an observable-builder user with a home directory of /project. This uses 8000 as the uid since that's not likely to collide with any users on the container runtime host machines.

This PR also changes the tests to use a directory copy instead of a bind mount because of something with the way GitHub actions and SELinux works. Copying the files into the container before starting it will set the file system permissions correctly. A bind mount works just fine on my load build and test so it seems like an exclusive issue to GHA.

@jessedearing
Add observable-builder user and use /project
84ec9b7 
Adds an observable-builder user with a home directory of /project. This
uses 8000 as the uid since that's not likely to collide with any users
on the container runtime host machines.
@jessedearing jessedearing self-assigned this Sep 16, 2024
@jessedearing
Copy link
Contributor Author

Working on fixing the breakages. I just have to order the creation of the user correctly

@jessedearing jessedearing removed the request for review from mythmon September 16, 2024 23:08
mythmon
mythmon requested changes Sep 17, 2024
View reviewed changes
Dockerfile Outdated Show resolved Hide resolved
Dockerfile Outdated Show resolved Hide resolved
tests/index.ts Outdated Show resolved Hide resolved
package.json Outdated Show resolved Hide resolved
tests/index.ts Outdated Show resolved Hide resolved
@jessedearing
Code review followups
c75df01 
* Use a traditional /home directory
* Combine poetry into python layer
* Rename mounts
* Removed unused imports
* Put tar-fs into devDependencies
mythmon
mythmon approved these changes Sep 19, 2024
View reviewed changes
Copy link
Member

@mythmon mythmon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good. I'd like to take some time to test this manually a bit before we release it, but I don't think I'd be able to do that before Monday. Lets go ahead and merge this and I'll handle a new release next week.

@jessedearing jessedearing merged commit 328292f into main Sep 19, 2024
1 check passed
@jessedearing jessedearing deleted the add-user branch September 19, 2024 16:08
@mythmon
Copy link
Member

mythmon commented Sep 23, 2024

@jessedearing unfortunately it looks like this would break cloud builds, at least in my local testing. The files the builder copies into the image are owned by uid 1000. Do you think we can fix this quickly, or should we roll this bac until we can figure out a way to make it compatible?

@jessedearing
Copy link
Contributor Author

We can change the uid to 1000 which should work. Will follow up with another PR

@jessedearing jessedearing mentioned this pull request Sep 23, 2024
Closed
@mythmon
Copy link
Member

mythmon commented Sep 23, 2024

I think it might have just been 1000 because that is my UID. I don't know what UID the builder will be using. I think maybe the right choice would be to have the builder explicitly specify a UID when copying files. Either way we should make sure to test this in-site in the next PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mythmon mythmon mythmon approved these changes

Assignees

@jessedearing jessedearing

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jessedearing @mythmon