api-platform
Fixes #1847 "Docker: Launch the php image with a non root user"
| Q | A |
|---|---|
| Branch? | main for features / current stable version branch for bug fixes |
| Tickets | #1847 |
| License | MIT |
| Doc PR | api-platform/docs#... |
This PR will launch all the commands as the host user (at least, the owner id of file 'composer.json') which is convenient to be able not to generate files as "root" on the host sources : the developer using the api-platform tarball will be able to modify those files without chowning them.
One should also modify the documentation at https://api-platform.com/docs/distribution/#plugging-the-persistence-system in order to change all the docker-compose exec references to docker-compose exec -T -u $(id -u) so that all the files created will be with the host's user id and not root.
See also: https://github.com/Sylius/Sylius-Standard/pull/242#issuecomment-407333686
The current situation seems to be the best compromise we can make.
See also: Sylius/Sylius-Standard#242 (comment)
I agree with this comment and this is why I want to patch the entrypoint to take into account a given env variable containing the user id rather than defining it directly in the Dockerfile.
@anthony-o I am trying to apply those changes to the dunglas/symfony-docker repository too, good progress so far: files uploaded in the application (on a mounted volume) are now owned by my 'local' user.
Some other issues I encountered:
- group is not (yet) applied → I have some changes for that
- CLI commands (run after loggin into the container) are still run as
root→ here I am stuck
Any hints on the second point? would be great to pair/collaborate on this and have a solid solution
