User context in Acornfiles

[andrey-olishchuk]

If the Dockerimage works as a non root user (e.g. UID 1001), how can I use that user context in an Acornfile? Just not to have “permission denied” errors with the file system. As I see there is no possibility to use “user: 1001:1001" in the acornfile.

[cjellick]

We currently dont support this, but want to. We need to add a user field to acorn.

[kaotika]

A workaround until this feature was added to acorn is to use gosu (e.g. ubuntu, debian) or su-exec (alpine).

FROM node:alpine
ENV APP_DIR="/app" \
    APP_USER="node"

RUN apk add --no-cache su-exec
COPY . "${APP_DIR}"
CMD ["/app/entrypoint.sh"]

app/entrypoint.sh

#!/usr/bin/env sh
set -e

su-exec "${APP_USER:-node}" npm run start --prefix /app

[sangee2004]

Tested with acorn version v0.9.2-28-ga822ff9d+a822ff9d

We are able to set user context using user param in Acornfile

1. Deploy app using the following Acornfile

containers: foo: {
  image: "alpine:latest"
  user: "1001:1001"
  cmd: ["/bin/sh", "-c", "sleep infinity"]
}

2. Once app is deployed successfully, verify that uid and gid are set as expected

acorn exec mm
~ $ id
uid=1001 gid=1001 groups=1001
~ $ 

3. When only uid is provided like user: "1100" , then uid and gid will be set to same value.