From 711ca9df088637b0963310b5bce203ba3d16542b Mon Sep 17 00:00:00 2001 From: Paul Gauthier Date: Wed, 31 Jul 2024 10:20:47 -0300 Subject: [PATCH] feat(docker): add permissions kludges to support `docker run --user xxx` The changes in this commit add some permission kludges to the Docker image to support running the container with the `--user` flag. Specifically, it: - Adds permissions to the virtual environment directory and subdirectories to allow read/write/execute access for all users. - Creates the `.aider` and `.cache` directories and grants read/write/execute access to all users. This ensures that the container can be run with a non-root user without encountering permission issues. --- docker/Dockerfile | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 38e37e61b..706195587 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -9,6 +9,12 @@ WORKDIR /app RUN python -m venv /venv ENV PATH="/venv/bin:$PATH" +# Permission kludges to support `docker run --user xxx` +RUN chmod a+rwx /venv /venv/{bin,include,lib,lib/python3.1/site-packages} + +RUN mkdir /.aider /.cache +RUN chmod a+rwx /.aider /.cache + # So git doesn't complain about unusual permissions RUN git config --system --add safe.directory /app @@ -16,8 +22,8 @@ RUN git config --system --add safe.directory /app FROM base AS aider-full COPY . /tmp/aider -RUN pip install --upgrade pip \ - && pip install --no-cache-dir /tmp/aider[help,browser,playwright] \ +RUN /venv/bin/python -m pip install --upgrade --no-cache-dir pip \ + && /venv/bin/python -m pip install --no-cache-dir /tmp/aider[help,browser,playwright] \ --extra-index-url https://download.pytorch.org/whl/cpu \ && rm -rf /tmp/aider @@ -29,8 +35,8 @@ ENTRYPOINT ["/venv/bin/aider"] FROM base AS aider COPY . /tmp/aider -RUN pip install --upgrade pip \ - && pip install --no-cache-dir /tmp/aider \ +RUN /venv/bin/python -m pip install --upgrade --no-cache-dir pip \ + && /venv/bin/python -m pip install --no-cache-dir /tmp/aider \ --extra-index-url https://download.pytorch.org/whl/cpu \ && rm -rf /tmp/aider