Let user set UID used inside cloudcontrol container

[timdeluxe]

When started, cloudcontrol runs with UID 1000 (or sometimes 1001, depending on the flavor). On MacOS that is no problem, because Docker Desktop seems to translate that well enough, however on Linux this causes problems, if f.e. terraform wants to create files in the mounted "repo" folder, which is owned by the UID of the desktop user the user works with and therefore terraform does not work correctly, since it can't create files.

Chowning the repo files to 1000 (or 1001) is very ugly and problematic and also world-write is problematic, so the cloud control container should rather work with the same UID the desktop user uses.

The user should be able to set it and the the container should run with that UID.

[dploeger]

Hmm.. Good question how to achieve that. The cloudcontrol user is created during the build, so it can't really change the user id afterwards... 🤔

How about setting user in the docker-compose file? Does that work?

[timdeluxe]

Thomas D. tried it:

Attaching to cli-1
cli-1  | 2024/09/03 07:31:37 Setting bash as default shell
cli-1  | ./ccc: open /home/cloudcontrol/.shell: permission denied
cli-1 exited with code 1

Can't we set the container to run with root and chown and su to the right user with the entrypoint script?

[dploeger]

Then the container would basically run as root, which is discouraged usually. I would only use it as a last resort. There has to be some other way.

[timdeluxe]

Some sudo stuff maybe?

[dploeger]

That might be an idea.