From b6849652eb34d1ada748dbfc8f96a720823ffdf6 Mon Sep 17 00:00:00 2001 From: Jacob Bachmann Date: Mon, 24 Jun 2024 23:56:14 +0200 Subject: [PATCH] fix: insufficient permissions on devenv volume --- service/backend/controller/devenv.go | 7 ++++--- service/backend/service/docker.go | 5 ++++- service/backend/util/files.go | 7 +++++-- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/service/backend/controller/devenv.go b/service/backend/controller/devenv.go index 365547a..e3f90de 100644 --- a/service/backend/controller/devenv.go +++ b/service/backend/controller/devenv.go @@ -309,9 +309,10 @@ func (devenv *DevenvController) Exec(ctx *gin.Context) { tmpUuid := guuid.New().String() target := filepath.Join(devenv.DevenvFilesPathTmp, tmpUuid) + mount := filepath.Join("/tmp", tmpUuid) util.SLogger.Debugf("Copying %s -> %s", src, target) - err := util.CopyRecurse(src, target) + err := util.CopyRecurse(src, target, 0777) if err != nil { util.SLogger.Warnf("Copying devenv container failed, %s", err.Error()) ctx.AbortWithStatusJSON(http.StatusBadRequest, types.ErrorResponse{ @@ -328,7 +329,7 @@ func (devenv *DevenvController) Exec(ctx *gin.Context) { } }() - id, _, port, err := devenv.Docker.EnsureDevenvContainerStarted(target) + id, _, port, err := devenv.Docker.EnsureDevenvContainerStarted(target, mount) if err != nil { util.SLogger.Warnf("Creating devenv container failed, %s", err.Error()) @@ -378,7 +379,7 @@ func (devenv *DevenvController) Exec(ctx *gin.Context) { } defer clientConn.Close() - err = p.CreateExecWebsocketPipe(clientConn, *cookie, target, command) + err = p.CreateExecWebsocketPipe(clientConn, *cookie, mount, command) if err != nil { ctx.AbortWithError(http.StatusBadRequest, err) return diff --git a/service/backend/service/docker.go b/service/backend/service/docker.go index c7727d0..1c409cc 100644 --- a/service/backend/service/docker.go +++ b/service/backend/service/docker.go @@ -177,6 +177,7 @@ func (docker *DockerService) CreateReplContainer( func (docker *DockerService) CreateDevenvContainer( devenvPath string, + mountPath string, opts types.RunContainerOptions, ) (*container.CreateResponse, error) { util.SLogger.Debugf("[%-25s] Creating container", fmt.Sprintf("NM:%s..", opts.ContainerName[:5])) @@ -196,7 +197,7 @@ func (docker *DockerService) CreateDevenvContainer( { Type: mount.TypeBind, Source: devenvPath, - Target: devenvPath, + Target: mountPath, }, }, LogConfig: container.LogConfig{ @@ -404,9 +405,11 @@ func (docker *DockerService) EnsureReplContainerStarted( func (docker *DockerService) EnsureDevenvContainerStarted( devenvPath string, + mountPath string, ) (*string, *string, *uint16, error) { response, err := docker.CreateDevenvContainer( devenvPath, + mountPath, types.RunContainerOptions{ ImageTag: "ptwhy", ContainerName: uuid.NewString(), diff --git a/service/backend/util/files.go b/service/backend/util/files.go index 7cdfa20..6f05b06 100644 --- a/service/backend/util/files.go +++ b/service/backend/util/files.go @@ -2,6 +2,7 @@ package util import ( "errors" + "io/fs" "os" "path/filepath" @@ -76,8 +77,10 @@ func DeleteDir(path string) error { return os.RemoveAll(path) } -func CopyRecurse(src string, target string) error { +func CopyRecurse(src string, target string, perm fs.FileMode) error { return cp.Copy(src, target, cp.Options{ - OnSymlink: func(string) cp.SymlinkAction { return cp.Skip }, + OnSymlink: func(string) cp.SymlinkAction { return cp.Skip }, + AddPermission: perm, }) } +