artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 17:31:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

blobstore: fix /data file permissions (#45226)

Browse Source 
As Quinn noted in an earlier PR, if `/data` is not writable by the container
then we encounter these errors:

- `failed to create bucket: operation error S3: CreateBucket, https response error StatusCode: 403` from the precise-code-intel-worker service
- `sendSimpleErrorResponse: 403 AccessDenied Forbidden` in the blobstore Docker container logs

Docker inherits the permissions of the folder if it is created in the Dockerfile
and I forgot to include the creation of the `/data` folder previously. Fixing
this means we don't e.g. have to manually correct permissions in Docker Compose
or pure-docker deployment types.

Signed-off-by: Stephen Gutekanst <stephen@sourcegraph.com>
This commit is contained in:
Stephen Gutekanst 2022-12-05 14:20:39 -07:00 committed by GitHub
parent fef5eabc76
commit e8f2e6dc78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docker-images/blobstore/Dockerfile
View File

@ -59,7 +59,9 @@ ENV \
JCLOUDS_KEYSTONE_PROJECT_DOMAIN_NAME="" \
JCLOUDS_FILESYSTEM_BASEDIR="/data"
EXPOSE 9000
RUN mkdir -p /data && chown -R sourcegraph:sourcegraph /data
USER sourcegraph
EXPOSE 9000
WORKDIR /opt/s3proxy
ENTRYPOINT ["/sbin/tini", "--", "/opt/s3proxy/run-docker-container.sh"]