You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After the validation workflow is completed the validator container will collect metrics from prometheus container, we create metrics file from the container in /opt/data/metrics which is in turn mounted in disk.
After the pipeline of CD is completed we want to clean dumped files from the user disk however the permission on metrics file aren't set correctly because we are using root user in all our containers.
Describe the solution you'd like
one possible solution is to set a non root user by adding 2 arguments to dockerfile USER_ID and USERGROUP_ID which are extracted from the current user terminal session.
in docker file for a user named archethic_node and a group named archethic
Is your feature request related to a problem?
After the validation workflow is completed the validator container will collect metrics from prometheus container, we create metrics file from the container in
/opt/data/metrics
which is in turn mounted in disk.After the pipeline of CD is completed we want to clean dumped files from the user disk however the permission on metrics file aren't set correctly because we are using root user in all our containers.
Describe the solution you'd like
one possible solution is to set a non root user by adding 2 arguments to dockerfile USER_ID and USERGROUP_ID which are extracted from the current user terminal session.
in docker file for a user named archethic_node and a group named archethic
ARG USER_ID ARG GROUP_ID RUN addgroup -g $GROUP_ID archethic && \ adduser --shell /sbin/nologin --disabled-password \ --uid $USER_ID --ingroup archethic archethic_node
and then
USER archethic_node
when building image
{user_id, _} = System.cmd("id", ["-u"])
{group_id, _} = System.cmd("id", ["-g"])
{_, 0} = docker([ "build", "-t", "archethic-ci", "--target", "archethic-ci", "--build-arg", "USER_ID=#{String.trim(user_id)}", "--build-arg", "GROUP_ID=#{String.trim(group_id)}", "." ])
however when changing user we have a git dubious ownership error when trying to create a new branch for code proposal.
Additional context
Epic: #154
The text was updated successfully, but these errors were encountered: