Skip to content

Commit

Permalink
fix(entrypoint): loss of provilege over .git folder
Browse files Browse the repository at this point in the history
  • Loading branch information
Yimura committed May 6, 2024
1 parent 88848c5 commit c20a5a2
Showing 1 changed file with 7 additions and 2 deletions.
9 changes: 7 additions & 2 deletions entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,18 @@ run_unprivileged() {
echo "[INFO] Creating non-root user..."
if [ ! -d "/home/worker" ]; then
useradd -m worker
fi

if [[ "$(stat -c "%U:%G" /opt/crackerjack/.git)" != "worker:worker" ]]; then
echo "[INFO] Fixing ownership of .git folder"
# fixes an issue where git would complain about dubious ownership (the root user owns the git clone)
chown worker:worker -R .git
fi

echo "[INFO] Taking ownership of data directory."
mkdir -p /opt/crackerjack/data && chown -R worker:worker /opt/crackerjack/data
if [[ "$(stat -c "%U:%G" /opt/crackerjack/data)" != "worker:worker" ]]; then
echo "[INFO] Taking ownership of data directory."
mkdir -p /opt/crackerjack/data && chown -R worker:worker /opt/crackerjack/data
fi

echo '[INFO] Initializing DB and running migrations.'
python3 -m flask db init
Expand Down

0 comments on commit c20a5a2

Please sign in to comment.