Skip to content

Commit

Permalink
fix(Dockerfile): use busybox to set permissions
Browse files Browse the repository at this point in the history
the docker tools do not behave as expected
  • Loading branch information
stakach committed Nov 14, 2024
1 parent 9a77aea commit e8bd8a2
Showing 1 changed file with 12 additions and 5 deletions.
17 changes: 12 additions & 5 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,10 @@ COPY shard.lock .

RUN shards install --production --ignore-crystal-version --skip-postinstall --skip-executables

# Add src (0777 as container may be launch as a random user)
# Add src
COPY ./src /app/src
RUN mkdir -p /app/www && chmod 0777 /app/www
RUN mkdir -p /app/tmp && chmod 0777 /app/tmp
RUN mkdir -p /app/www
RUN mkdir -p /app/tmp

# Build application
RUN PLACE_COMMIT=$PLACE_COMMIT \
Expand Down Expand Up @@ -77,8 +77,15 @@ COPY --from=build /usr/libexec/git-core/ /usr/libexec/git-core/
# Copy the app into place
COPY --from=build /app/deps /
COPY --from=build /app/bin /
COPY --from=build --chown=appuser:appuser --chmod=0777 /app/www/ /app/www/
COPY --from=build --chown=appuser:appuser --chmod=0777 /app/tmp /tmp/

COPY --from=build --chown=0:0 /app/www /app/www
COPY --from=build --chown=0:0 /app/tmp /tmp

# This seems to be the only way to set permissions properly
COPY --from=build /bin /bin
RUN chmod -R a+rwX /tmp
RUN chmod -R a+rwX /app/www
RUN rm -rf /bin

Check failure on line 88 in Dockerfile

View workflow job for this annotation

GitHub Actions / dockerfile-style / dockerfile-style

SC2114 warning: Warning: deletes a system directory.

# Use an unprivileged user.
USER appuser:appuser
Expand Down

0 comments on commit e8bd8a2

Please sign in to comment.