fix(entrypoint): loss of provilege over .git folder

Yimura · May 6, 2024 · c20a5a2 · c20a5a2
1 parent 88848c5
commit c20a5a2
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -7,13 +7,18 @@ run_unprivileged() {
 echo "[INFO] Creating non-root user..."
 if [ ! -d "/home/worker" ]; then
  useradd -m worker
+fi
 
+if [[ "$(stat -c "%U:%G" /opt/crackerjack/.git)" != "worker:worker" ]]; then
+ echo "[INFO] Fixing ownership of .git folder"
  # fixes an issue where git would complain about dubious ownership (the root user owns the git clone)
  chown worker:worker -R .git
 fi
 
-echo "[INFO] Taking ownership of data directory."
-mkdir -p /opt/crackerjack/data && chown -R worker:worker /opt/crackerjack/data
+if [[ "$(stat -c "%U:%G" /opt/crackerjack/data)" != "worker:worker" ]]; then
+ echo "[INFO] Taking ownership of data directory."
+ mkdir -p /opt/crackerjack/data && chown -R worker:worker /opt/crackerjack/data
+fi
 
 echo '[INFO] Initializing DB and running migrations.'
 python3 -m flask db init