user and group defined in alias and change permits for bundle

[oniram88]

Problem:
the permits of generated files in the project are root:root

Solution:
I don't know if this is the best way to handle this.
But if this is only for development purpose, then I can assume that it's not so bad to make world writable the bundler forlder

[fonsecas72]

I wonder if we really need to change the default bundle directory from /usr/local/bundle to /bundle

What comes from the base image Dockerfile#L88-L93 already has these things fixed so the flag "-u $(id -u):$(id -g" should just work, in theory

For caching, it shouldn't matter which directory we use. So I would just replace

VOLUME /bundle
RUN bundle config set --global path '/bundle'
ENV PATH="/bundle/ruby/3.1.0/bin:${PATH}"

by

VOLUME /usr/local/bundle

and update the README accordingly

[oniram88]

To make it work, I moved the gem install rails command before the volume and needed to re-change permissions

[dhh]

Docked Rails is only ever intended as a development tool. So don't want to complicate the main line with this. If we need to change something, let's just make the gem directory world readable. Feel free to open a PR for that.

[oniram88]

Docked Rails is only ever intended as a development tool. So don't want to complicate the main line with this. If we need to change something, let's just make the gem directory world readable. Feel free to open a PR for that.

I think you misunderstood my intent, the problem is not the permissions of the files in the bundler folder but the permissions of the files that come in the rails project created using scaffold or generate etc.

So in order to work with the container with the development user we have to run the container with the same uid and gid of the user who launches the container (u $(id -u):$(id -g))

Doing so, however, we have the problem that we can no longer install new gems, due to the lack of write permissions in the bundle folder. Hence the need to change those permissions. (RUN chmod -R ugo+rwt /usr/local/bundle)

[dhh]

Ahh, I see. This is the Linux problem where Docker runs as root? Because it doesn't trigger on macOS.

[oniram88]

yes, if you generate the application now, on linux, the result is this:

drwxr-xr-x 11 root root 4096 mar 14 07:50 app
drwxr-xr-x  2 root root 4096 mar 14 07:50 bin
drwxr-xr-x  5 root root 4096 mar 14 07:50 config
-rw-r--r--  1 root root  160 mar 14 07:49 config.ru
drwxr-xr-x  2 root root 4096 mar 14 07:49 db
-rw-r--r--  1 root root 2284 mar 14 07:49 Gemfile
-rw-r--r--  1 root root 5541 mar 14 07:50 Gemfile.lock
drwxr-xr-x  4 root root 4096 mar 14 07:49 lib
drwxr-xr-x  2 root root 4096 mar 14 07:50 log
drwxr-xr-x  2 root root 4096 mar 14 07:49 public
-rw-r--r--  1 root root  227 mar 14 07:49 Rakefile
-rw-r--r--  1 root root  374 mar 14 07:49 README.md
drwxr-xr-x  2 root root 4096 mar 14 07:49 storage
drwxr-xr-x 10 root root 4096 mar 14 07:49 test
drwxr-xr-x  5 root root 4096 mar 14 07:50 tmp
drwxr-xr-x  3 root root 4096 mar 14 07:50 vendor

I wasn't aware that on osx it behaved differently, and therefore I don't know if my modification would also be compatible with OSX.

You could change the permissions manually, but at every rails g .... you would have to repeat the operation.

[oniram88]

I rebase on main and kept only the changes strictly related to the issue of bundle write permissions and alias modification.

I think this issue is resolved too #21

[oniram88]

Note:
if you have already used docked with root permissions it is likely that the permissions of the gems installed in the cache volume are with root, therefore the quickest solution is to delete the volume and recreate it by installing the gems again

[viktorianer]

Truly needed feature, for people with Linux. 👍🏼

[wbox]

I think replacing docker by podman would solve this since podman doesn’t require elevated permissions to run. Podman is also fully compatible with Dockerfiles and the syntax is pretty much the same and it runs with current user permissions