You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For https://github.com/envelope-zero/backend, we recently started using goreleaser with ko to build the image for multiple architectures. We currently use the default image, cgr.dev/chainguard/static to get the benefit of running rootless.
The Envelope Zero backend uses an sqlite database that is at data/gorm.db relative to the binary.
For some environments, this works great, e.g. kubernetes, where users mount a volume with the correct permissions for the nonroot user.
For other environments however, this does not work. For example in docker-compose and GitHub actions service containers, we cannot set the owner of a volume mount directory.
The default way for a docker build would be to create the needed data directory and chown it in the Dockerfile.
However, since ko does not use a Dockerfile, that is not possible.
Is there any guidance for how to solve this neatly, preferably without maintaining our own base image?
Thanks in advance for any ideas or feedback you might have!
The text was updated successfully, but these errors were encountered:
This also seems to be a problem when deploying images onto Google Cloud Run. Using GCP's default image (i.e. building from source with gcloud run deploy --source .) gives you read/write access to the (ephemeral) filesystem, while using ko's default seems to only give readonly access.
This issue is stale because it has been open for 90 days with no
activity. It will automatically close after 30 more days of
inactivity. Keep fresh with the 'lifecycle/frozen' label.
Hey everyone!
For https://github.com/envelope-zero/backend, we recently started using goreleaser with ko to build the image for multiple architectures. We currently use the default image,
cgr.dev/chainguard/static
to get the benefit of running rootless.The Envelope Zero backend uses an sqlite database that is at
data/gorm.db
relative to the binary.For some environments, this works great, e.g. kubernetes, where users mount a volume with the correct permissions for the
nonroot
user.For other environments however, this does not work. For example in docker-compose and GitHub actions service containers, we cannot set the owner of a volume mount directory.
The default way for a docker build would be to create the needed
data
directory andchown
it in theDockerfile
.However, since ko does not use a Dockerfile, that is not possible.
Is there any guidance for how to solve this neatly, preferably without maintaining our own base image?
Thanks in advance for any ideas or feedback you might have!
The text was updated successfully, but these errors were encountered: