meltano icon indicating copy to clipboard operation
meltano copied to clipboard
verified publisher icon meltano

Docker commands on docs create files as root

Open cristianwebber opened this issue 3 years ago • 4 comments

Issue

Files created by docker run -v $(pwd):/projects -w /projects meltano/meltano init my-meltano-project are owned by root.

Context

I started a poc today using the getting started on a Linux machine, and I find this problem.

The command docker run -v $(pwd):/projects -w /projects meltano/meltano init my-meltano-project create files in mounted volume as root by default.

A easy workaround is to use -u $(id -u):$(id -g) with the command. Maybe this should be on docs.

The command docker run -v $(pwd):/meltano -w /meltano -u $(id -u):$(id -g) meltano/meltano init my-meltano-project create the file with the same owner and permission of the user running the command.

I don't know if this is a problem in Windows.

Steps to reproduce:

Create the project:

$ docker run -v $(pwd):/projects -w /projects meltano/meltano init my-meltano-project
Created my-meltano-project
Creating project files...
  my-meltano-project/
   |-- .meltano
   |-- meltano.yml
   |-- README.md
   |-- requirements.txt
   |-- output/.gitignore
   |-- .gitignore
   |-- extract/.gitkeep
   |-- load/.gitkeep
   |-- transform/.gitkeep
   |-- analyze/.gitkeep
   |-- notebook/.gitkeep
   |-- orchestrate/.gitkeep
Creating system database...  Done!



                          ████   █████
                         ░░███  ░░███
 █████████████    ██████  ░███  ███████    ██████   ████████    ██████
░░███░░███░░███  ███░░███ ░███ ░░░███░    ░░░░░███ ░░███░░███  ███░░███
 ░███ ░███ ░███ ░███████  ░███   ░███      ███████  ░███ ░███ ░███ ░███
 ░███ ░███ ░███ ░███░░░   ░███   ░███ ███ ███░░███  ░███ ░███ ░███ ░███
 █████░███ █████░░██████  █████  ░░█████ ░░████████ ████ █████░░██████
░░░░░ ░░░ ░░░░░  ░░░░░░  ░░░░░    ░░░░░   ░░░░░░░░ ░░░░ ░░░░░  ░░░░░░

                ~ Your DataOps Platform Infrastructure ~



Project my-meltano-project has been created!

Meltano Environments initialized with dev, staging, and prod.
To learn more about Environments visit: https://docs.meltano.com/concepts/environments

Next steps:
  cd my-meltano-project
  Visit https://docs.meltano.com/getting-started#create-your-meltano-project to learn where to go from here

Check owner:

$ ls -lah my-meltano-project/
total 48K
drwxr-xr-x 10 root  root  4,0K jun 11 08:19 .
drwxrwxr-x  3 crist crist 4,0K jun 11 08:19 ..
drwxr-xr-x  2 root  root  4,0K jun 11 08:19 analyze
drwxr-xr-x  2 root  root  4,0K jun 11 08:19 extract
-rw-r--r--  1 root  root    21 jun 11 08:19 .gitignore
drwxr-xr-x  2 root  root  4,0K jun 11 08:19 load
drwxr-xr-x  3 root  root  4,0K jun 11 08:19 .meltano
-rw-------  1 root  root   140 jun 11 08:19 meltano.yml
drwxr-xr-x  2 root  root  4,0K jun 11 08:19 notebook
drwxr-xr-x  2 root  root  4,0K jun 11 08:19 orchestrate
drwxr-xr-x  2 root  root  4,0K jun 11 08:19 output
-rw-r--r--  1 root  root     0 jun 11 08:19 README.md
-rw-r--r--  1 root  root     0 jun 11 08:19 requirements.txt
drwxr-xr-x  2 root  root  4,0K jun 11 08:19 transform

Try to open a file:

$ cat my-meltano-project/meltano.yml 
cat: my-meltano-project/meltano.yml: Permission denied

cristianwebber avatar Jun 11 '22 11:06 cristianwebber

@visch have you seen this before?

tayloramurphy avatar Jun 23 '22 17:06 tayloramurphy

@visch have you seen this before?

I havne't seen this, I can try the commands in the same order. I just ran docker on a container yesterday, with these commands https://meltano.slack.com/archives/C01UTUSP34M/p1655906969357179?thread_ts=1655847345.641149&cid=C01UTUSP34M

But I don't know if that helps with this. I"ll look at the steps here later today

visch avatar Jun 23 '22 17:06 visch

  1. I can verify the commands ran in that order do create a folder with root as owner (I have to run docker as root so that kind of makes sense to me)

If I run with podman (which I can run while I"m not root)

visch@visch-ubuntu:~$ podman run -v $(pwd):/projects -w /projects meltano/meltano init podman-my-meltano-project`
visch@visch-ubuntu:~$ ls -lah podman-my-meltano-project/
visch@visch-ubuntu:~$ ls -lah podman-my-meltano-project/
total 48K
drwxr-xr-x 10 visch visch 4.0K Jun 27 16:13 .
drwxr-xr-x 35 visch visch 4.0K Jun 27 16:13 ..
-rw-r--r--  1 visch visch   21 Jun 27 16:13 .gitignore
drwxr-xr-x  3 visch visch 4.0K Jun 27 16:13 .meltano
-rw-r--r--  1 visch visch    0 Jun 27 16:13 README.md
drwxr-xr-x  2 visch visch 4.0K Jun 27 16:13 analyze
drwxr-xr-x  2 visch visch 4.0K Jun 27 16:13 extract
drwxr-xr-x  2 visch visch 4.0K Jun 27 16:13 load
-rw-------  1 visch visch  140 Jun 27 16:13 meltano.yml
drwxr-xr-x  2 visch visch 4.0K Jun 27 16:13 notebook
drwxr-xr-x  2 visch visch 4.0K Jun 27 16:13 orchestrate
drwxr-xr-x  2 visch visch 4.0K Jun 27 16:13 output
-rw-r--r--  1 visch visch    0 Jun 27 16:13 requirements.txt
drwxr-xr-x  2 visch visch 4.0K Jun 27 16:13 transform

Everything creates as the same user. This seems correct to me.

The steps https://docs.meltano.com/guide/installation#initialize-your-project

Assumes that you are either logged in as root (ie sudo su) or that your docker environment will run in "rootless" mode.

I think we should update the Docker documentation with these assumptions at a minimum. I like to push podman just because the defaults just work properly for me.

@kgpayne you probably have a better idea here? :D maybe I'm missing something

visch avatar Jun 27 '22 20:06 visch

This has been marked as stale because it is unassigned, and has not had recent activity. It will be closed after 21 days if no further activity occurs. If this should never go stale, please add the evergreen label, or request that it be added.

stale[bot] avatar Apr 26 '23 20:04 stale[bot]