Create mounted volumes before running docker

If we mount to a directory the doesn't exist, docker will create the local directory. If we let docker create the directories, it will create it owned by root-user, and then the container won't be able to write to the directory. By creating them in-advance, we make them owned by the user, and the container can write to them. BTW - This solves the problem with 'go build' not being able to write to the 'gocache' directory.
Stratoscale · Jun 16, 2019 · 2ddb088 · ravidbro · Jun 17, 2019 · spellr
1 parent 87077a1
commit 2ddb088
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/skipper/runner.py b/skipper/runner.py
@@ -76,6 +76,23 @@ def _run_nested(fqdn_image, environment, command, interactive, name, net, volume
         '/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
     ])
     for volume in volumes:
+        if ":" not in volume:
+            raise ValueError("Volume entry is badly-formatted - %s" % volume)
+
+        # If the local directory of a mount entry doesn't exist, docker will by
+        # default create a directory in that path. Docker runs in systemd context,
+        # with root-privileges, so the container will have no permissions to write
+        # to that directory. To prevent that, we'll create the directory in advance,
+        # with the user's permissions
+        localdir = volume.split(":")[0]
+        if not os.path.exists(localdir.strip()):
+            try:
+                os.makedirs(localdir)
+            except OSError:
+                # If we have no permissions to create the directory, we'll just let
+                # docker create it with root-privileges
+                pass
+
         docker_cmd += ['-v', volume]
 
     if workdir: