Support launching Cypress tests in Podman on Ubuntu (#10768)

* Support launching Cypress tests in Podman on Ubuntu

* Add a comment about why we are adding UID=0 GUI=0

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Note that this setup is for rootless podman

* Add a comment about why we're requesting -u 0:0

* Clarify wording of comment

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Reword another comment

---------

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
This commit is contained in:
Andy Balaam 2023-05-03 14:28:35 +01:00 committed by GitHub
parent f5d79897d9
commit e8cddcac3f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -36,12 +36,21 @@ export async function dockerRun(opts: {
const params = opts.params ?? []; const params = opts.params ?? [];
if (params?.includes("-v") && userInfo.uid >= 0) { if (params?.includes("-v") && userInfo.uid >= 0) {
// On *nix we run the docker container as our uid:gid otherwise cleaning it up its media_store can be difficult // Run the docker container as our uid:gid to prevent problems with permissions.
params.push("-u", `${userInfo.uid}:${userInfo.gid}`);
if (await isPodman()) { if (await isPodman()) {
// keep the user ID if the docker command is actually podman // Note: this setup is for podman rootless containers.
params.push("--userns=keep-id");
// In podman, run as root in the container, which maps to the current
// user on the host. This is probably the default since Synapse's
// Dockerfile doesn't specify, but we're being explicit here
// because it's important for the permissions to work.
params.push("-u", "0:0");
// Tell Synapse not to switch UID
params.push("-e", "UID=0");
params.push("-e", "GID=0");
} else {
params.push("-u", `${userInfo.uid}:${userInfo.gid}`);
} }
} }