From 4df121605611da96230ea2de91e08d459ea06e72 Mon Sep 17 00:00:00 2001 From: nicomiguelino Date: Thu, 13 Feb 2025 11:10:57 -0800 Subject: [PATCH 1/7] fix: maintain consistency in permissions between host and container --- Dockerfile | 15 +++++++++++++++ docker-compose.yml | 8 +++++++- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b9b89bb..fc64d90 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,18 @@ FROM node:22 +ARG USER_ID +ARG GROUP_ID +ARG USER_NAME + +RUN userdel node +RUN groupadd -g ${GROUP_ID} ${USER_NAME} +RUN useradd \ + -u ${USER_ID} \ + -g ${GROUP_ID} \ + --create-home \ + --non-unique \ + ${USER_NAME} + WORKDIR /app RUN mkdir -p /output RUN chmod -R 777 /output @@ -53,4 +66,6 @@ ADD package.json /app/package.json ADD package-lock.json /app/package-lock.json RUN npm install --quiet +USER ${USER_ID}:${GROUP_ID} + ADD . /app diff --git a/docker-compose.yml b/docker-compose.yml index 38ab3b3..2323a1a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,12 @@ services: webpack: - build: . + build: + context: . + dockerfile: Dockerfile + args: + USER_ID: ${UID:-1000} + GROUP_ID: ${GID:-1000} + USER_NAME: ${USER:-user} command: npx webpack --watch --config webpack.dev.js image: sbe_webpack:latest volumes: From 4ea98f09b9f7fb75520e02c63bb0f08603359b8a Mon Sep 17 00:00:00 2001 From: nicomiguelino Date: Thu, 13 Feb 2025 12:03:35 -0800 Subject: [PATCH 2/7] debug: build workflow --- .github/workflows/build.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 2a939ac..aafbd57 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -25,6 +25,11 @@ jobs: - name: Checkout uses: actions/checkout@v4 + # nico start - debug stuff + - name: Debug stuff + run: ls -l + # nico end + - name: Prepare manifest.json run: | if [[ $GITHUB_REF == refs/tags/v* ]]; then From 940a8cad02714752dfee8b6781ee25ab01c68ce4 Mon Sep 17 00:00:00 2001 From: nicomiguelino Date: Thu, 13 Feb 2025 12:05:36 -0800 Subject: [PATCH 3/7] chore: remove debug statements in workflow files --- .github/workflows/build.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index aafbd57..2a939ac 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -25,11 +25,6 @@ jobs: - name: Checkout uses: actions/checkout@v4 - # nico start - debug stuff - - name: Debug stuff - run: ls -l - # nico end - - name: Prepare manifest.json run: | if [[ $GITHUB_REF == refs/tags/v* ]]; then From a0aab2c4240b9cd8bc3fca12b71f8ffd10bd99db Mon Sep 17 00:00:00 2001 From: nicomiguelino Date: Thu, 13 Feb 2025 12:16:18 -0800 Subject: [PATCH 4/7] chore(ci): fix permissions --- .github/workflows/build.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 2a939ac..b39a4a8 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -47,6 +47,7 @@ jobs: --rm \ -v $(pwd):/app:delegated \ -v /app/node_modules \ + --user $(id -u):$(id -g) \ sbe_webpack:latest \ /bin/bash -c "npx webpack --config webpack.dev.js && npm run test" @@ -57,6 +58,7 @@ jobs: --rm \ -v $(pwd)/artifacts:/app/artifacts:delegated \ -v /app/artifacts/node_modules \ + --user $(id -u):$(id -g) \ sbe_webpack:latest \ /bin/bash -c "npm run build && cp -r dist/ artifacts/" From da8b133386d6ba4645f0dc50156833d0964a537b Mon Sep 17 00:00:00 2001 From: nicomiguelino Date: Thu, 13 Feb 2025 12:20:29 -0800 Subject: [PATCH 5/7] chore(ci): fix permission issues --- .github/workflows/build.yaml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b39a4a8..d654f8e 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -53,14 +53,22 @@ jobs: - name: Build and Package the Extension run: | - mkdir artifacts + mkdir -p artifacts + # Create dist directory with proper permissions docker run \ --rm \ - -v $(pwd)/artifacts:/app/artifacts:delegated \ - -v /app/artifacts/node_modules \ + -v $(pwd):/app:delegated \ + -v /app/node_modules \ + sbe_webpack:latest \ + /bin/bash -c "mkdir -p /app/dist && chown -R $(id -u):$(id -g) /app/dist" + # Run the build + docker run \ + --rm \ + -v $(pwd):/app:delegated \ + -v /app/node_modules \ --user $(id -u):$(id -g) \ sbe_webpack:latest \ - /bin/bash -c "npm run build && cp -r dist/ artifacts/" + /bin/bash -c "npm run build && mkdir -p artifacts && cp -r dist/* artifacts/" - name: Compress run: | From d554aac93f560c4ee81506469ac6efea3f915ad2 Mon Sep 17 00:00:00 2001 From: nicomiguelino Date: Thu, 13 Feb 2025 13:47:00 -0800 Subject: [PATCH 6/7] chore(ci): fix permissions --- .github/workflows/build.yaml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index d654f8e..7d25f02 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -53,14 +53,10 @@ jobs: - name: Build and Package the Extension run: | - mkdir -p artifacts - # Create dist directory with proper permissions - docker run \ - --rm \ - -v $(pwd):/app:delegated \ - -v /app/node_modules \ - sbe_webpack:latest \ - /bin/bash -c "mkdir -p /app/dist && chown -R $(id -u):$(id -g) /app/dist" + # Create directories with correct permissions from the start + mkdir -p dist artifacts + chmod 777 dist artifacts + # Run the build docker run \ --rm \ @@ -68,7 +64,7 @@ jobs: -v /app/node_modules \ --user $(id -u):$(id -g) \ sbe_webpack:latest \ - /bin/bash -c "npm run build && mkdir -p artifacts && cp -r dist/* artifacts/" + /bin/bash -c "npm run build && cp -r dist/* artifacts/" - name: Compress run: | From d3a63f1da11d0a5bc40f54d782d22aeca415000a Mon Sep 17 00:00:00 2001 From: nicomiguelino Date: Thu, 13 Feb 2025 13:50:43 -0800 Subject: [PATCH 7/7] chore(ci): revert majority of the changes in `build.yml` --- .github/workflows/build.yaml | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 7d25f02..2a939ac 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -47,24 +47,18 @@ jobs: --rm \ -v $(pwd):/app:delegated \ -v /app/node_modules \ - --user $(id -u):$(id -g) \ sbe_webpack:latest \ /bin/bash -c "npx webpack --config webpack.dev.js && npm run test" - name: Build and Package the Extension run: | - # Create directories with correct permissions from the start - mkdir -p dist artifacts - chmod 777 dist artifacts - - # Run the build + mkdir artifacts docker run \ --rm \ - -v $(pwd):/app:delegated \ - -v /app/node_modules \ - --user $(id -u):$(id -g) \ + -v $(pwd)/artifacts:/app/artifacts:delegated \ + -v /app/artifacts/node_modules \ sbe_webpack:latest \ - /bin/bash -c "npm run build && cp -r dist/* artifacts/" + /bin/bash -c "npm run build && cp -r dist/ artifacts/" - name: Compress run: |