-
-
Notifications
You must be signed in to change notification settings - Fork 340
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Running as non-root user fails with "No module named 'requests'" #162
Comments
I just noticed that my docker container isn't working anymore due to this issue too. |
@douglasparker I pushed my fork to DockerHub to unblock myself: https://hub.docker.com/repository/docker/bobdoah/cloudflare-ddns if it's not too difficult, you can use that. At least, until this is merged, or the fix undone. |
Sweet deal, thanks for doing that! 😍 |
I have opened PR #182 to solve this. |
No disrespect @bobdoah but looks like yours is hard-coded to user 1000 and would break if run by another uid. Some Kubernetes policy engines (such as built-in OpenShift) will spin up the container with a random uid for security reasons. My PR will support running as any uid and the user can specify the uid:gid in their docker-compose or deployment.yaml. |
No offense taken. I didn't envisage anyone running this on openshift or anything like that, as my use case is k3s. |
Is this pull request available in the latest docker image in docker hub? |
Describe the bug
When running as non-root, the Docker image fails to run with:
This is because the directory where the dependencies are copied,
/root/.local/
, is not the user's home directory, and is inaccessible.To Reproduce
Steps to reproduce the behavior:
Expected behavior
The pod should run as non root. Ideally, a
USER
directive will be used in theDockerfile
, sorunAsNonRoot: true
can be used in preference torunAsUser
andrunAsGroup
.Introduced by the change to a multi-stage Docker build: #127
The text was updated successfully, but these errors were encountered: