Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(docker): allow r/w access in mounted volumes #9281

Merged
merged 14 commits into from
Mar 3, 2025
Merged

refactor(docker): allow r/w access in mounted volumes #9281

merged 14 commits into from
Mar 3, 2025
+129 −85

Conversation

upbqdn
Copy link
Member

@upbqdn upbqdn commented Feb 20, 2025
edited by gustavovalverde
Loading

Motivation

The two errors above occur because we mount GCP volumes without read/write access for the new non-privileged user we switched to in PR #8923. We get those errors only in production containers and not test containers because we didn't switch to a non-privileged user in test containers.

Solution

  • Switch to a non-privileged user in the tests stage in the Dockerfile.

PR Checklist

  • The PR name is suitable for the release notes.
  • The solution is tested.
  • The documentation is up to date.
  • The PR has a priority label.
  • If the PR shouldn't be in the release notes, it has the
    C-exclude-from-changelog label.

Sorry, something went wrong.

@upbqdn upbqdn added A-devops Area: Pipelines, CI/CD and Dockerfiles C-exclude-from-changelog Category: The PR should be excluded from the changelog and release notes labels Feb 20, 2025
@upbqdn upbqdn self-assigned this Feb 20, 2025
@github-actions github-actions bot added C-trivial Category: A trivial change that is not worth mentioning in the CHANGELOG labels Feb 20, 2025
@gustavovalverde gustavovalverde requested a review from a team as a code owner February 28, 2025 09:42
@gustavovalverde gustavovalverde requested review from conradoplg and removed request for a team February 28, 2025 09:42
@gustavovalverde
Copy link
Member

@upbqdn this should be ready now. Only the PR description and Title will require updates

upbqdn
upbqdn commented Feb 28, 2025
View reviewed changes
Copy link
Member Author

@upbqdn upbqdn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't we still need to adjust the permissions for mounted volumes? I'm happy to do that.

upbqdn
upbqdn commented Feb 28, 2025
View reviewed changes
@gustavovalverde
Copy link
Member

Don't we still need to adjust the permissions for mounted volumes? I'm happy to do that.

No. gosu will take care of that. The entrypoint starts after the mounting, but before zebrad.

@gustavovalverde @upbqdn
docs(entrypoint): clarify variables usage
3e72182 
Co-authored-by: Marek <mail@marek.onl>
@gustavovalverde gustavovalverde changed the title change(ci): Allow non-privileged r/w access in GCP containers refactor(docker): allow r/w access in mounted volumes Mar 3, 2025
gustavovalverde
gustavovalverde approved these changes Mar 3, 2025
View reviewed changes
Copy link
Member

@gustavovalverde gustavovalverde left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@gustavovalverde gustavovalverde merged commit de7e5b5 into main Mar 3, 2025
162 of 164 checks passed
@gustavovalverde gustavovalverde deleted the change-user-tests branch March 3, 2025 18:21
@gustavovalverde
Copy link
Member

Admin merged because of flaky tests

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gustavovalverde gustavovalverde

@conradoplg conradoplg

Assignees

@upbqdn upbqdn

@gustavovalverde gustavovalverde

Labels
A-devops Area: Pipelines, CI/CD and Dockerfiles C-exclude-from-changelog Category: The PR should be excluded from the changelog and release notes P-High 🔥
Projects
None yet
Milestone
No milestone
2 participants
@upbqdn @gustavovalverde