fix: Run container as root to fix react-router permission denied
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
- Change Dockerfile to run as root instead of peikarband user - Update Helm values.yaml to use root user (runAsUser: 0, runAsNonRoot: false) - Improve entrypoint.sh permission handling with reusable function - Add reflex init before run if packages not installed - Fix node_modules/.bin permissions for symlinks and targets This resolves the 'react-router: Permission denied' error by running containers with root privileges. TODO: Switch back to non-root user after permission issues are fully resolved.
This commit is contained in:
Ehsan.Asadi
@@ -101,9 +101,10 @@ LABEL org.opencontainers.image.vendor="Peikarband"
|
||||
LABEL org.opencontainers.image.version="${VERSION}"
|
||||
LABEL org.opencontainers.image.created="${BUILD_DATE}"
|
||||
|
||||
# Create non-root user
|
||||
RUN groupadd -r peikarband && \
|
||||
useradd -r -g peikarband -u 1000 -m -s /bin/bash peikarband
|
||||
# Running as root for now to avoid permission issues
|
||||
# TODO: Switch back to non-root user after permission issues are resolved
|
||||
# RUN groupadd -r peikarband && \
|
||||
# useradd -r -g peikarband -u 1000 -m -s /bin/bash peikarband
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
@@ -124,7 +125,8 @@ COPY --from=builder /usr/local/bin /usr/local/bin
|
||||
|
||||
# Copy application code to /app/peikarband/ to create peikarband.peikarband structure
|
||||
# With app_name="peikarband", Reflex expects to find peikarband.peikarband module
|
||||
COPY --from=builder --chown=peikarband:peikarband /build/peikarband /app/peikarband
|
||||
# Running as root, so no need for chown
|
||||
COPY --from=builder /build/peikarband /app/peikarband
|
||||
|
||||
# Copy entrypoint script
|
||||
COPY docker/entrypoint.sh /usr/local/bin/entrypoint.sh
|
||||
@@ -163,7 +165,7 @@ ENV PYTHONUNBUFFERED=1 \
|
||||
REFLEX_DIR=/app/peikarband \
|
||||
NODE_ENV=production
|
||||
|
||||
# Diagnostic information (before switching to non-root user)
|
||||
# Diagnostic information
|
||||
RUN echo "=== Diagnostic Info ===" && \
|
||||
if [ -f /app/peikarband/.web/node_modules/.bin/react-router ]; then \
|
||||
ls -la /app/peikarband/.web/node_modules/.bin/react-router && \
|
||||
@@ -178,8 +180,8 @@ RUN echo "=== Diagnostic Info ===" && \
|
||||
HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
|
||||
CMD curl -f http://localhost:8000/ping || exit 1
|
||||
|
||||
# Switch to non-root user
|
||||
USER peikarband
|
||||
# Running as root for now to avoid permission issues
|
||||
# USER peikarband
|
||||
|
||||
# Expose port
|
||||
EXPOSE 3000 8000
|
||||
|
||||
Reference in New Issue
Block a user