#I'm having a caching issue I don't know
sacred goblet
Good question. Indeed there is an owner option that could be plumbed through or "magically" figured out by the module.
dagger -M -c 'container | from alpine | with-exec -- addgroup,-S,appgroup | with-exec --
adduser,-S,appuser,-G,appgroup | with-user appuser | with-mounted-cache
"/appcache" $(cache-volume mycachevol) --owner appuser | terminal'
In the interactive terminal:
dagger / $ ls -la /appcache
total 8
drwxr-xr-x 2 appuser users 4096 Aug 29 15:49 .
drwxr-xr-x 1 root root 4096 Aug 29 15:53 ..
not sure if that magic could/should be in the API itself
cc @storm shell @arctic birch
@outer ruin so the idea would be that in the above case, because I used with-user appuser, then Dagger would look at the default user when with-mounted-cache was invoked and automatically apply the --owner appuser option. If it was the default root user, similar would happen.
It "seems" reasonable, but I wonder if anyone relying on the default root ownership would be affected by such a change...
The one thing is that the user affects the cache key, it seems.
As appuser I dropped a file in the cachevol and I couldn't see it as root user mounting the same cachevol name. but the file was there when I came back as appuser:
dagger / $ ls -al dagger / $ whoami
appuser
dagger / $ ls -al /appcache
total 8
drwxr-xr-x 1 appuser users 4096 Aug 29 16:00 .
drwxr-xr-x 1 root root 4096 Aug 29 16:01 ..
-rw-r--r-- 1 appuser appgroup 0 Aug 29 16:00 appuser_was_here
outer ruin
It may already be doing this and it could be the fault of the module. The module is mounting a cache device at /var/cache/golangci-lint, which is going to be owned by root by default. That's really the only way it could be created. I do wonder if dagger is smart enough to know a mount in $HOME/mydir should be owned by the owner of $HOME and not root.
sacred goblet
dagger / $ whoami
root
dagger / $ ls -la /appcache
total 8
drwxr-xr-x 2 root root 4096 Aug 29 16:01 .
drwxr-xr-x 1 root root 4096 Aug 29 16:03 ..
from
container | from alpine | with-exec -- addgroup,-S,appgroup | with-exec --
adduser,-S,appuser,-G,appgroup | with-user root | with-mounted-cache
"/appcache" $(cache-volume mycachevol) --owner root | terminal
nope, it's root by default
I moved the cache mount to appuser's homedir
dagger ~ $ ls -al
total 20
drwxr-sr-x 1 appuser appgroup 4096 Aug 29 16:06 .
drwxr-xr-x 1 root root 4096 Aug 27 22:59 ..
-rw------- 1 appuser appgroup 11 Aug 29 16:06 .ash_history
drwxr-xr-x 2 root root 4096 Aug 29 15:49 appcache
from
container | from alpine | with-exec -- addgroup,-S,appgroup | with-exec --
adduser,-S,appuser,-G,appgroup | with-user appuser | with-mounted-cache
"/home/appuser/appcache" $(cache-volume mycachevol) | terminal
can force ownership same way
container | from alpine | with-exec -- addgroup,-S,appgroup | with-exec --
adduser,-S,appuser,-G,appgroup | with-user appuser | with-mounted-cache
"/home/appuser/appcache" $(cache-volume mycachevol) --owner appuser |
terminal
since we "can" know the user via the API, should be possible to change the default cachevol owner.
⋈ container | from alpine | with-exec -- addgroup,-S,appgroup | with-exec --
adduser,-S,appuser,-G,appgroup | with-user appuser | user
appuser
So, without some awareness of the user running in the container, these mounts could cause failures (without module authors doing work to figure out ownership and set appropriately)
sacred goblet
@arctic birch guess this is an #maintainers convo at this point? API change eh?
@outer ruin could you open an issue on GitHub about what you think the behavior should be? 🙏
outer ruin
Which repo?
sacred goblet
Which repo?
