ko-build / ko

Build and deploy Go applications
https://ko.build
Apache License 2.0

Question: Container file system permissions #1210

Open morremeyer opened 6 months ago

morremeyer commented 6 months ago

Hey everyone!

For https://github.com/envelope-zero/backend, we recently started using goreleaser with ko to build the image for multiple architectures. We currently use the default image, cgr.dev/chainguard/static, to get the benefit of running rootless.

The Envelope Zero backend uses an SQLite database that is at data/gorm.db relative to the binary.

For some environments, this works great, e.g. Kubernetes, where users mount a volume with the correct permissions for the nonroot user.

For other environments, however, this does not work. For example, in docker-compose and GitHub Actions service containers, we cannot set the owner of a volume mount directory.

The default way for a docker build would be to create the needed data directory and chown it in the Dockerfile. However, since ko does not use a Dockerfile, that is not possible.

Is there any guidance for how to solve this neatly, preferably without maintaining our own base image? Thanks in advance for any ideas or feedback you might have!

ipince commented 6 months ago

This also seems to be a problem when deploying images onto Google Cloud Run. Using GCP's default image (i.e. building from source with gcloud run deploy --source .) gives you read/write access to the (ephemeral) filesystem, while using ko's default seems to only give read-only access.

github-actions[bot] commented 3 months ago

This issue is stale because it has been open for 90 days with no activity. It will automatically close after 30 more days of inactivity. Keep fresh with the 'lifecycle/frozen' label.

morremeyer commented 3 months ago

Still an issue.
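Added example, not part of the thread and not code from ko or Envelope Zero: a startup preflight in Go that makes the failure described in the first post diagnosable by reporting the process uid:gid next to the owner and mode of the data directory when it cannot be written. It assumes a Linux container and a `data` directory next to the binary, as the post describes; `checkDataDir` is a hypothetical helper name.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// checkDataDir reports whether this process can create files in dir.
// It probes with a real temp file because mode bits alone do not reveal
// read-only mounts or ownership mismatches on bind-mounted volumes.
func checkDataDir(dir string) error {
	info, err := os.Stat(dir)
	if err != nil {
		return fmt.Errorf("data dir %q: %w", dir, err)
	}
	if !info.IsDir() {
		return fmt.Errorf("data dir %q is not a directory", dir)
	}
	f, err := os.CreateTemp(dir, ".writetest-*")
	if err == nil {
		f.Close()
		return os.Remove(f.Name())
	}
	// Not writable: say who we are and who owns the directory.
	owner := "unknown"
	if st, ok := info.Sys().(*syscall.Stat_t); ok {
		owner = fmt.Sprintf("%d:%d", st.Uid, st.Gid)
	}
	return fmt.Errorf("data dir %q not writable by uid:gid %d:%d (owner %s, mode %v): %w",
		dir, os.Getuid(), os.Getgid(), owner, info.Mode().Perm(), err)
}

// Assumption: the data directory sits next to the executable.
func main() {
	exe, err := os.Executable()
	if err == nil {
		err = checkDataDir(filepath.Join(filepath.Dir(exe), "data"))
	}
	if err != nil {
		fmt.Fprintln(os.Stderr, "preflight:", err)
		os.Exit(1)
	}
}
```

Running this before opening the database turns a generic SQLite open error into a message that names the mismatched uid and directory owner.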