From b6bfa0c57447ed4ea97fa6e9375b00c0a5465c2a Mon Sep 17 00:00:00 2001 From: soustruh Date: Thu, 29 May 2025 17:43:15 +0200 Subject: [PATCH 1/3] =?UTF-8?q?added=20the=20fix/=20branch=20prefix=20?= =?UTF-8?q?=F0=9F=94=A7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/push.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 21a6dec..3f8a800 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -2,10 +2,11 @@ name: Keboola Component Build & Deploy Pipeline on: push: branches: - - 'feature/*' - - 'bug/*' + - feature/* + - bug/* + - fix/* tags: - - '*' # Skip the workflow on the main branch without tags + - "*" # Skip the workflow on the main branch without tags concurrency: ci-${{ github.ref }} # to avoid tag collisions in the ECR env: From f3d0188032c73e21105da6dd67e5f105d6c3993e Mon Sep 17 00:00:00 2001 From: soustruh Date: Thu, 29 May 2025 17:43:27 +0200 Subject: [PATCH 2/3] more appropriate logging placement --- src/component.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/component.py b/src/component.py index 60a52d3..8727a07 100644 --- a/src/component.py +++ b/src/component.py @@ -93,6 +93,7 @@ def script_excerpt(script): @staticmethod def install_packages(packages): for package in packages: + logging.info("Installing package: %s...", package) args = [ "uv", "add", @@ -100,8 +101,8 @@ def install_packages(packages): ] process = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE) stdout, stderr = process.communicate() - logging.info(f"Installing package: {package}. Full log in detail.", extra={"full_message": stdout}) process.poll() + logging.info("Installation finished: %s. Full log in detail.", package, extra={"full_message": stdout}) if process.poll() != 0: raise UserException(f"Failed to install package: {package}. Log in event detail.", stderr) elif stderr: From e2c80b8880dfa778d183689edb689641c3d0a31e Mon Sep 17 00:00:00 2001 From: soustruh Date: Thu, 29 May 2025 17:45:38 +0200 Subject: [PATCH 3/3] =?UTF-8?q?explicitly=20create=20user=20with=20uid=201?= =?UTF-8?q?000=20=F0=9F=90=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit …to use their standard home directory as $HOME --- Dockerfile | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6817573..0a6352a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,6 +3,10 @@ COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/ # RUN apt-get update && apt-get install -y build-essential +# Create user to correctly set the $HOME env variable (used by certain packages, eg. stanza, for caching data) +ARG USERNAME=keboola +RUN adduser --uid 1000 --disabled-password ${USERNAME} + # Set UV_CACHE_DIR to override XDG_CACHE_HOME from the base image # See https://docs.astral.sh/uv/concepts/cache/#cache-directory RUN mkdir -p /.cache/uv @@ -12,19 +16,21 @@ ENV UV_CACHE_DIR="/.cache/uv" # Using the same path as venv defined in the base image so we can use all the preinstalled packages ENV UV_PROJECT_ENVIRONMENT="/home/default/" +# Run uv sync as uid/gid 1000 so we don't have to chown the /home/default directory with 100k files =-O +USER 1000:1000 + WORKDIR /code/ COPY pyproject.toml . COPY uv.lock . -# Run uv sync as uid/gid 1000 so we don't have to chown the /home/default directory with 100k files =-O -USER 1000:1000 # The --inexact flag prevents uv from uninstalling the preinstalled packages RUN uv sync --all-groups --frozen --inexact -# Keboola running containers with "-u 1000:1000" causes permission when installing user defined packages +# Keboola running containers with "-u 1000:1000" causes permission issues when installing user defined packages +# so we need to chown the files to 1000:1000 USER root -RUN chown 1000:1000 /code/pyproject.toml -RUN chown 1000:1000 /code/uv.lock +RUN chown 1000:1000 pyproject.toml +RUN chown 1000:1000 uv.lock COPY src/ src/ COPY tests/ tests/ @@ -32,4 +38,6 @@ COPY scripts/ scripts/ COPY flake8.cfg . COPY deploy.sh . +RUN chown -R 1000:1000 * + CMD ["uv", "run", "python", "src/component.py"]