Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documenting known issue: pack 0.33.0 has breaking change for library users #2071

Open
natalieparellano opened this issue Feb 16, 2024 · 1 comment
Open

Documenting known issue: pack 0.33.0 has breaking change for library users #2071

natalieparellano opened this issue Feb 16, 2024 · 1 comment
Labels
documentation status/ready Issue ready to be worked on. type/bug Issue that reports an unexpected behaviour.

Comments

@natalieparellano
Copy link
Member

Description

This was reported in Slack: https://cloud-native.slack.com/archives/C033DV8D9FB/p1708014910021369

Previously, build.LifecycleOptions.UID didn't exist as a field / options for the "lifecycle executor".

When we merged #2017 we didn't realize that in order for the "lifecycle executor" to work properly the l.opts.UID must be set intentionally, to either:

  • The CNB_USER_ID or some other positive value
  • A negative value to avoid providing -uid to the lifecycle
  • 0 if you really want to run the lifecycle as root (this will not work)

If l.opts.UID is unset (0) then a number of issues can occur:

  • (trusted flow) The creator will error out at the detect phase, refusing to run as root
  • (untrusted flow) The analyzer will chown the /layers directory to be root-owned, and the detector will fail to write group.toml there
  • ...

Proposed solution

When upgrading to 0.33.0, pack library consumers MUST set build.LifecycleOptions.UID to either a positive or negative value. It cannot be 0.

Describe alternatives you've considered

We could roll back #2017. But, a similar requirement has already existed for some time for build.LifecycleOptions.GID.
@natalieparellano natalieparellano added type/enhancement Issue that requests a new feature or improvement. status/triage Issue or PR that requires contributor attention. type/bug Issue that reports an unexpected behaviour. status/resolved Support issues that have been resolved. and removed type/enhancement Issue that requests a new feature or improvement. status/triage Issue or PR that requires contributor attention. labels Feb 16, 2024
@jjbustamante jjbustamante added status/ready Issue ready to be worked on. and removed status/resolved Support issues that have been resolved. labels Feb 22, 2024
@edmorley
Copy link
Contributor

edmorley commented Apr 1, 2024

xref superfly/flyctl#3396

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation status/ready Issue ready to be worked on. type/bug Issue that reports an unexpected behaviour.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@edmorley @jjbustamante @natalieparellano