OpenShift compatible image that supports arbitrary user ids #687
Comments
jsbloo
changed the title
|
Here’s a simpler and more personal response you can use: Thanks for bringing this up and for sharing how you fixed the issue! I had a similar experience when trying to make an OpenShift-compatible image. Setting the permissions on directories with: I also ran into the issue with HOME being set to /root, which caused problems with scripts looking for the SSH key in the wrong place. Setting HOME to /opal fixed it on my end as well. One suggestion for improvement: the scripts in opal_common/git_utils could use better error handling. I didn’t see any messages about this issue, which made debugging harder. Logging more descriptive errors when file access fails would really help. Suggestions: HOME Directory Adjustment: Setting HOME to /opal instead of defaulting to root resolves issues with scripts attempting to write to /.ssh. This should be explicitly documented or included in the image configuration to prevent similar issues for other users. Error Messages: As you noted, the lack of error messages in the scripts at opal_common/git_utils makes debugging challenging. Enhancing error handling in these scripts to log meaningful messages when file operations fail would improve usability significantly. |
|
Add improved error handling in the relevant scripts to provide more descriptive logs. |
Please read:
How I fixed
To make the image compatible, I had to build my own. I had to set perms on the opal dir eg:RUN chgrp -R 0 /some/directory && \ chmod -R g+rwX /some/directoryWhen I deployed, HOME was set to root, not opal.
This meant that the scripts in: https://github.com/permitio/opal/blob/master/packages/opal-common/opal_common/git_utils/
were trying to write/access the ssh_key from/to
/.sshinstead of/opal/.sshThere were NO error messages indicating this issue, I recommend adding more error handling to these scripts.
I fixed this issue by setting home to /opal.
The text was updated successfully, but these errors were encountered: