idf-docker-image.rst: Run with current user ID instead of root. (IDFGH-10773) #11987
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Rather than running the command inside the container as root, which will
mean that any build artifacts created will be owned by root on the host,
run the command as the current user.
This requires setting a temporary home directory as idf.py will try to
access e.g. ~/.cache, so just use /tmp inside the container which is
ephemeral anyway.
This also allows the command to use `git`. without setting the user ID,
`docker run ... git status` will fail with
fatal: detected dubious ownership in repository at '/project'
Also added the missing explanation for `-w /project`.
Signed-off-by: Jim Mussared <jim.mussared@gmail.com>
|
|
github-actions
bot
changed the title
|
Thank you for the contribution! |
|
sha=c7d511277163726434e08725b250cddb38c5c660 |
espressif-bot
added
Status: Reviewing
espressif-bot
added
Status: Done
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I'm from the MicroPython project, and I noticed an issue with someone trying to follow the instructions at https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-docker-image.html to build MicroPython. Specifically, our build uses
gitto embed version information. They also noticed that the generated build directory was owned by root.I'm not a docker expert at all, so there might be better ways to solve this, but I've been using exactly this mechanism of using containers for building firmware for many years without trouble. (Although I typically use
-v $HOME:$HOME -w $PWD -u $UIDinstead, but I think in this case using/projectmakes more sense).Rather than running the command inside the container as root, which will mean that any build artifacts created will be owned by root on the host, run the command as the current user.
This requires setting a temporary home directory as idf.py will try to access e.g. ~/.cache, so just use /tmp inside the container which is ephemeral anyway.
This also allows the command to use
git. without setting the user ID,docker run ... git statuswill fail withfatal: detected dubious ownership in repository at '/project'
Also added the missing explanation for
-w /project.