diff --git a/docker/runtime/golang/Dockerfile.init b/docker/runtime/golang/Dockerfile.init index 6798d7233..af8d920b9 100644 --- a/docker/runtime/golang/Dockerfile.init +++ b/docker/runtime/golang/Dockerfile.init @@ -3,13 +3,12 @@ FROM golang:1.10 # Install dep RUN curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh RUN go get golang.org/x/net/context -RUN mkdir -p /go/pkg/dep && chown 1000:1000 /go/pkg/dep +RUN mkdir -p /go/pkg/dep # Prepare function environment RUN ln -s /kubeless $GOPATH/src/kubeless # Install controller -USER 1000 RUN mkdir -p $GOPATH/src/github.com/kubeless/kubeless/pkg/functions ADD pkg/functions/* $GOPATH/src/github.com/kubeless/kubeless/pkg/functions RUN mkdir -p $GOPATH/src/controller @@ -17,3 +16,7 @@ ADD docker/runtime/golang/Gopkg.toml $GOPATH/src/controller/ WORKDIR $GOPATH/src/controller/ ADD docker/runtime/golang/kubeless.tpl.go $GOPATH/src/controller/ RUN dep ensure +RUN chmod -R a+w $GOPATH +RUN chmod -R a+w /go/pkg/dep + +USER 1000 diff --git a/docker/runtime/php/Dockerfile b/docker/runtime/php/Dockerfile index 2465ff416..c56b70c53 100644 --- a/docker/runtime/php/Dockerfile +++ b/docker/runtime/php/Dockerfile @@ -48,8 +48,7 @@ COPY config/default.conf /etc/nginx/conf.d/default.conf RUN rm /etc/nginx/sites-available/default && \ mkdir -p /app && \ touch /run/nginx.pid && \ - chown 1000:1000 -R /run/nginx.pid /app /var/lib/nginx /var/log/nginx + chmod -R a+w /run/nginx.pid /app /var/lib/nginx /var/log/nginx USER 1000 -ENTRYPOINT [ "" ] CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"] diff --git a/kubeless-non-rbac.jsonnet b/kubeless-non-rbac.jsonnet index d3b43bee4..c91806d88 100644 --- a/kubeless-non-rbac.jsonnet +++ b/kubeless-non-rbac.jsonnet @@ -140,7 +140,7 @@ local runtime_images ='[ { "name": "php72", "version": "7.2", - "runtimeImage": "kubeless/php@sha256:82b94c691302bc82f3900444255cabb8f230487764eafeba7866ac49d90ddc3b", + "runtimeImage": "kubeless/php@sha256:4e44ab60f597e93097bf9f5ea91d58bd9c308bf206043db2a9809ec16a8ff2f4", "initImage": "composer:1.6" } ], @@ -155,7 +155,7 @@ local runtime_images ='[ "name": "go1.10", "version": "1.10", "runtimeImage": "kubeless/go@sha256:bf72622344a54e4360f31d3fea5eb9dca2c96fbedc6f0ad7c54f3eb8fb7bd353", - "initImage": "kubeless/go-init@sha256:ce6ef4fafe518ed78b3a68b03947c064fec1cf8c667cd109e9331f227877b3a9" + "initImage": "kubeless/go-init@sha256:e262f70639594b3a9e3481843171ecbbe82e84b786825ebe28bc1a3ae89310d3" } ], "depName": "Gopkg.toml", diff --git a/kubeless-openshift.jsonnet b/kubeless-openshift.jsonnet index f222c6a85..4781f1940 100644 --- a/kubeless-openshift.jsonnet +++ b/kubeless-openshift.jsonnet @@ -1,10 +1,14 @@ # Builds on kubeless.ksonnet to produce a deployable manifest on OpenShift 1.5 # Modifies apiVersion for kubeless-controller Deployment to extensions/v1beta1 # Modifies ClusterRole and ClusterRoleBinding apiVersions to v1 +local k = import "ksonnet.beta.1/k.libsonnet"; local kubeless = import "kubeless.jsonnet"; +local config = kubeless.cfg + k.core.v1.configMap.data({"deployment":'{"spec":{"template":{"spec":{"securityContext":{}}}}}'}); + kubeless + { controller: kubeless.controller + { apiVersion: "extensions/v1beta1" }, controllerClusterRole: kubeless.controllerClusterRole + { apiVersion: "v1" }, controllerClusterRoleBinding: kubeless.controllerClusterRoleBinding + { apiVersion: "v1" }, + cfg: config, } diff --git a/pkg/langruntime/langruntime.go b/pkg/langruntime/langruntime.go index 073aed244..2aa0db8a4 100644 --- a/pkg/langruntime/langruntime.go +++ b/pkg/langruntime/langruntime.go @@ -210,6 +210,8 @@ func (l *Langruntimes) GetBuildContainer(runtime, depsChecksum string, env []v1. case strings.Contains(runtime, "nodejs"): registry := "https://registry.npmjs.org" scope := "" + // Force HOME to a folder with permissions to avoid issues in OpenShift #694 + env = append(env, v1.EnvVar{Name: "HOME", Value: "/tmp"}) for _, v := range env { if v.Name == "NPM_REGISTRY" { registry = v.Value diff --git a/pkg/langruntime/langruntime_test.go b/pkg/langruntime/langruntime_test.go index 58957eb93..4f1857772 100644 --- a/pkg/langruntime/langruntime_test.go +++ b/pkg/langruntime/langruntime_test.go @@ -137,6 +137,15 @@ func TestGetBuildContainer(t *testing.T) { if !strings.Contains(c.Args[0], "npm config set myorg:registry http://reg.com && npm install") { t.Errorf("Unexpected command %s", c.Args[0]) } + home := v1.EnvVar{Name: "HOME"} + for _, v := range c.Env { + if v.Name == "HOME" { + home = v + } + } + if home.Value != "/tmp" { + t.Error("It should set /tmp as home") + } // It should return the proper build image for ruby c, err = lr.GetBuildContainer("ruby2.4", "abc123", env, vol1)