Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chmod fails when running as non-root user #371

Closed
cz4rny opened this issue Jul 11, 2022 · 3 comments
Closed

Chmod fails when running as non-root user #371

cz4rny opened this issue Jul 11, 2022 · 3 comments

Comments

@cz4rny
Copy link

cz4rny commented Jul 11, 2022

This buildpack runs chmod on the project's directory.

Expected Behavior

Buildpacks is able to continue on userspace (non-root) execution.

Current Behavior

Fails on chmod, e.g.:

Paketo NPM Install Buildpack 0.10.0
  Resolving installation process
    Process inputs:
      node_modules      -> "Not found"
      npm-cache         -> "Not found"
      package-lock.json -> "Found"
    Selected NPM build process: 'npm ci'
  Executing build environment install process
    Running 'npm ci --unsafe-perm --cache /layers/paketo-buildpacks_npm-install/npm-cache'
      Completed in 35.006s
  Configuring build environment
    NODE_ENV -> "development"
    PATH     -> "$PATH:/layers/paketo-buildpacks_npm-install/build-modules/node_modules/.bin"
  Generating SBOM for /layers/paketo-buildpacks_npm-install/build-modules
chmod /builds/p2s/gp2s-search/gp2s-search-frontend: operation not permitted

Possible Solution

Continue if chmod failed.

Steps to Reproduce

Run the buildpack with non-root privileges, i.e. a .gitlab-ci.yaml

stages:
  - build

default:
  tags:
    - linux
    - amd64
    - docker
 
build-image:
  stage: build
  image: paketobuildpacks/builder:full
  # Access to GitLab Container Registry for Paketo lifecycle
  before_script:
    - mkdir ~/.docker
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_JOB_TOKEN\"}}}" >> ~/.docker/config.json
  variables:
    PLATFORM_DIR: /tmp/platform
  script:
    # creator binary doesn't read environment variables, but reads platform files.
    # Defining variables as per the the Platform Interface
    # https://github.com/buildpacks/spec/blob/main/platform.md#user-provided-variables
    - cp -r /platform "$PLATFORM_DIR"
    - echo build > "$PLATFORM_DIR/env/BP_NODE_RUN_SCRIPTS"
    - /cnb/lifecycle/creator
      -platform "$PLATFORM_DIR"
      -app=.
      $CI_REGISTRY_IMAGE:latest

Motivations

I'd like to be able to use newer paketo buildpacks in userspace builds.
@cz4rny
Copy link
Author

cz4rny commented Jul 11, 2022

It's a direct consequence of the #362 PR.

I'm not sure that the requirement of group-writeable should be done by the npm-install (this) buildpack. If that's a global buildpack feature I would assume that the projectPath directory should be made group-writable on creation. Which I don't believe happens in this buildpack.

@cz4rny cz4rny mentioned this issue Jul 11, 2022
Closed
5 tasks
@ryanmoran
Copy link
Member

@cz4rny did #373 end up resolving this issue for you?

@cz4rny
Copy link
Author

cz4rny commented Sep 26, 2022

@ryanmoran Not sure if this particular one, but after the paketo images have been rebuilt within a week, npm started to work again.

@cz4rny cz4rny closed this as completed Sep 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Don't fail job when chmod fails cz4rny/paketo-buildpacks-npm-install
2 participants
@ryanmoran @cz4rny