Skip to content

Remove dbug and gnome keyring support from Docker image#2544

Merged
fnando merged 3 commits intomainfrom
fix-docker-entrypoint-non-root-uid
May 1, 2026
Merged

Remove dbug and gnome keyring support from Docker image#2544
fnando merged 3 commits intomainfrom
fix-docker-entrypoint-non-root-uid

Conversation

@leighmcculloch
Copy link
Copy Markdown
Member

@leighmcculloch leighmcculloch commented May 1, 2026

What

Drop dbus and gnome-keyring from the Docker image, remove entrypoint.sh, and set the stellar binary as the entrypoint directly. Document in docker/README.md that --secure-store is unsupported in the container.

Why

The previous entrypoint started dbus, which looked up the running UID in /etc/passwd and aborted under set -e when run with --user , breaking all non-root invocations including bind-mounted contract build flows. A keyring inside an ephemeral container has no useful role, so removing it is simpler than patching the UID lookup.

Close #2543

@leighmcculloch leighmcculloch requested a review from fnando May 1, 2026 13:14
@github-project-automation github-project-automation Bot moved this to Backlog (Not Ready) in DevX May 1, 2026
@leighmcculloch leighmcculloch marked this pull request as ready for review May 1, 2026 13:14
Copilot AI review requested due to automatic review settings May 1, 2026 13:14
Copilot AI reviewed May 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Removes DBus/gnome-keyring initialization from the Docker image so the container can run correctly under arbitrary non-root --user <uid>:<gid> setups (e.g., bind-mounted build workflows), and documents that --secure-store isn’t available in the container.

Changes:

  • Delete entrypoint.sh (previously started DBus and unlocked gnome-keyring) and set the stellar binary as the Docker entrypoint directly.
  • Drop dbus, gnome-keyring, and related DBus libraries from the Docker image install set.
  • Document in docker/README.md that --secure-store is unsupported in the container image.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
entrypoint.sh Removed DBus/keyring bootstrap that failed under non-root UIDs.
docker/README.md Adds documentation clarifying --secure-store is not supported in the container.
Dockerfile Removes DBus/keyring packages and sets stellar as the direct ENTRYPOINT.

mootz12
mootz12 approved these changes May 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mootz12 mootz12 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch

@fnando fnando merged commit 9ee3b3a into main May 1, 2026
215 checks passed
@fnando fnando deleted the fix-docker-entrypoint-non-root-uid branch May 1, 2026 17:19
@github-project-automation github-project-automation Bot moved this from Backlog (Not Ready) to Done in DevX May 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mootz12 mootz12 mootz12 approved these changes

@fnando fnando Awaiting requested review from fnando

Assignees

No one assigned

Labels

None yet

Projects

DevX
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Docker image's entrypoint dbus init fails when run as non-root UID

4 participants

@leighmcculloch @mootz12 @fnando