Skip to content

Commit

Permalink
feat: enable non-root run (#71)
Browse files Browse the repository at this point in the history
  • Loading branch information
@rlespinasse
rlespinasse committed Mar 23, 2024
1 parent 527202a commit 366bc09
Show file tree
Hide file tree
Showing 7 changed files with 123 additions and 12 deletions.
11 changes: 10 additions & 1 deletion .gitignore
View file
@@ -1,8 +1,17 @@
# node
node_modules/
package-lock.json

# test runs
output/
*.pdf
*.svg
*.png
!tests/expected/*.svg
!tests/expected/*.png
package-lock.json

# non-root user runs
home
.cache
.config
core
6 changes: 4 additions & 2 deletions Dockerfile
View file
Expand Up @@ -28,9 +28,11 @@ apt-get install -y fonts-liberation \
apt-get remove -y wget
rm -rf /var/lib/apt/lists/*

# Enable all users to write in the WORKDIR folder
chmod a+w .
EOF

COPY src/* ./
COPY --chmod=755 src/* ./

ENV ELECTRON_DISABLE_SECURITY_WARNINGS "true"
ENV DRAWIO_DISABLE_UPDATE "true"
Expand All @@ -39,7 +41,7 @@ ENV DRAWIO_DESKTOP_EXECUTABLE_PATH "/opt/drawio/drawio"
ENV DRAWIO_DESKTOP_SOURCE_FOLDER "/opt/drawio-desktop"
ENV DRAWIO_DESKTOP_RUNNER_COMMAND_LINE "/opt/drawio-desktop/runner.sh"
ENV XVFB_DISPLAY ":42"
ENV XVFB_OPTIONS ""
ENV XVFB_OPTIONS "-nolisten unix"
ENV ELECTRON_ENABLE_LOGGING "false"

ENTRYPOINT [ "/opt/drawio-desktop/entrypoint.sh" ]
Expand Down
8 changes: 2 additions & 6 deletions Makefile
View file
Expand Up @@ -19,12 +19,8 @@ build-multiarch:

cleanup:
@rm -rf tests/output
@rm -rf tests/data/*.pdf
@rm -rf tests/data/**/*.pdf
@rm -rf tests/data/*.svg
@rm -rf tests/data/**/*.svg
@rm -rf tests/data/*.png
@rm -rf tests/data/**/*.png
@rm -rf tests/data/home
@find tests/data \( -name "*.pdf" -o -name "*.svg" -o -name "*.png" \) -delete

RUN_ARGS?=
DOCKER_OPTIONS?=
Expand Down
45 changes: 42 additions & 3 deletions README.adoc
View file
Expand Up @@ -30,11 +30,50 @@ NOTE: Want a new font package, modify the `Dockerfile` to install the missing pa

== Running

[source,bash]
.Default run
[source,console]
----
docker run -it -w /data -v $(pwd):/data rlespinasse/drawio-desktop-headless
$ docker run -it -w /data -v $(pwd):/data rlespinasse/drawio-desktop-headless
Usage: drawio [options] [input file/folder]
...
----

.Run using non-root user
[source,console]
----
$ docker run -it \
-u $(id -u):$(id -g) \ <1>
-e HOME=/data/home -w /data \ <2>
-v $(pwd):/data rlespinasse/drawio-desktop-headless
Usage: drawio [options] [input file/folder]
...
----
<1> Enable non-root user
<2> env HOME need to contains the path of the working directory (can be the same)
+
.If env HOME is not set properly
[%collapsible]
====
[,console]
----
Fontconfig error: No writable cache directories
A JavaScript error occurred in the main process
Uncaught Exception:
Error: Failed to get 'userData' path
at initDataListener (/opt/drawio/resources/app.asar/node_modules/electron-store/index.js:15:19)
at new ElectronStore (/opt/drawio/resources/app.asar/node_modules/electron-store/index.js:48:32)
at Object.<anonymous> (/opt/drawio/resources/app.asar/src/main/electron.js:15:15)
at Module._compile (node:internal/modules/cjs/loader:1271:14)
at Module._extensions..js (node:internal/modules/cjs/loader:1326:10)
at Module.load (node:internal/modules/cjs/loader:1126:32)
at Module._load (node:internal/modules/cjs/loader:967:12)
at l._load (node:electron/js2c/asar_bundle:2:13642)
at node:electron/js2c/browser_init:2:120247
at node:electron/js2c/browser_init:2:120456
/opt/drawio-desktop/runner.sh: line 4: 15 Trace/breakpoint trap (core dumped) "${DRAWIO_DESKTOP_EXECUTABLE_PATH:?}" "$@" --no-sandbox --disable-gpu
----
====

=== Configuration

[cols="2a,3a,1a",options="header"]
Expand All @@ -58,7 +97,7 @@ for days. A duration of 0 disables the associated timeout.

| **XVFB_OPTIONS**
| Options for Xvfb
|
| `-nolisten unix` (enable non-root run)

| **ELECTRON_DISABLE_SECURITY_WARNINGS**
| Avoid printing https://github.com/electron/electron/blob/master/docs/tutorial/security.md#electron-security-warnings[electron warning]
Expand Down
60 changes: 60 additions & 0 deletions tests/data/file4.drawio
View file
@@ -0,0 +1,60 @@
<mxfile host="localhost" modified="2020-05-11T08:11:10.086Z" etag="L2Vw7R6ZwuYNYa1SxQTY" agent="5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Code/1.45.0 Chrome/78.0.3904.130 Electron/7.2.4 Safari/537.36" version="13.0.9" pages="2">
<diagram id="KgwwwuPXLq_iXDXmIebJ" name="Page-1">
<mxGraphModel dx="562" dy="654" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<object label="" id="0">
<mxCell/>
</object>
<mxCell id="1" parent="0"/>
<UserObject label="Some text" link="https://github.com/rlespinasse/qanda" id="X03gjs-y7KjdQwQyzjE4-2">
<mxCell style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="10" y="10" width="120" height="60" as="geometry"/>
</mxCell>
</UserObject>
<mxCell id="2" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" source="X03gjs-y7KjdQwQyzjE4-4" target="X03gjs-y7KjdQwQyzjE4-2" edge="1">
<mxGeometry relative="1" as="geometry"/>
</mxCell>
<UserObject label="Some link" link="https://github.com/rlespinasse/qanda" id="X03gjs-y7KjdQwQyzjE4-4">
<mxCell style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
<mxGeometry x="30" y="170" width="80" height="20" as="geometry"/>
</mxCell>
</UserObject>
</root>
</mxGraphModel>
</diagram>
<diagram name="Page 2" id="WKCg2NcY1VQb7qcMgWaw">
&#xa; &#xa;&#xa;
<mxGraphModel dx="1106" dy="830" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
&#xa; &#xa;&#xa;
<root>
&#xa; &#xa;&#xa;
<mxCell id="RwZS0F2J_Ui9ka5hwAdE-0"/>
&#xa; &#xa;&#xa;
<mxCell id="RwZS0F2J_Ui9ka5hwAdE-1" parent="RwZS0F2J_Ui9ka5hwAdE-0"/>
&#xa; &#xa;&#xa;
<UserObject label="Some text" link="https://github.com/rlespinasse/qanda" id="RwZS0F2J_Ui9ka5hwAdE-2">
&#xa; &#xa;&#xa;
<mxCell style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="RwZS0F2J_Ui9ka5hwAdE-1">
&#xa; &#xa;&#xa;
<mxGeometry x="10" y="10" width="120" height="60" as="geometry"/>
&#xa; &#xa;&#xa;
</mxCell>
&#xa; &#xa;&#xa;
</UserObject>
&#xa; &#xa;&#xa;
<UserObject label="Some link" link="https://github.com/rlespinasse/qanda" id="RwZS0F2J_Ui9ka5hwAdE-3">
&#xa; &#xa;&#xa;
<mxCell style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="RwZS0F2J_Ui9ka5hwAdE-1">
&#xa; &#xa;&#xa;
<mxGeometry x="30" y="90" width="80" height="20" as="geometry"/>
&#xa; &#xa;&#xa;
</mxCell>
&#xa; &#xa;&#xa;
</UserObject>
&#xa; &#xa;&#xa;
</root>
&#xa; &#xa;&#xa;
</mxGraphModel>
&#xa; &#xa;&#xa;
</diagram>
</mxfile>
1 change: 1 addition & 0 deletions tests/expected/export-non-root.log
View file
@@ -0,0 +1 @@
file4.drawio -> file4.pdf
4 changes: 4 additions & 0 deletions tests/export.bats
View file
Expand Up @@ -16,6 +16,10 @@
docker_test "" 1 "export-check-thirdrun" "tests/data" -export file3.drawio
}

@test "Export as non-root" {
docker_test "--user $(id --user):$(id --group) --env HOME=/data/home" 0 "export-non-root" "tests/data" -x file4.drawio
}

@test "Export using unknown argument" {
docker_test "" 0 "export-file1" "tests/data" --export file1.drawio --wrong-argument
}

0 comments on commit 366bc09

Please sign in to comment.