Repeatr: Reproducible, hermetic Computation. Provision containers from Content-Addressable snapshots; run using familiar containers (e.g. runc); store outputs in Content-Addressable form too! JSON API; connect your own pipelines! (Or, use github.com/polydawn/stellar for pipelines!)
Add normalization of the CWD perms to cradle's responsibilities.
The cradle package already does a bunch of work to make sure the container filesystem is a reasonable place to launch the user's process in. It's desirable to keep this interference to a minimum, because every thing we add here implicitly becomes part of repeatr's contract and is a potential leakage through the otherwise absolute specificity of formulas. In this case the reasons are still compelling: the path affected is specified by the formula; we are already interfering with that path; and this change set just refines the interference a bit. (We should still probably have a flag to disable this interference entirely; not having that is a somewhat shameful omission, but adding it is a separate task.)
Previously, the cradle behavior was to mkdir the CWD if it doesn't exist in the container filesystem, but to leave it entirely alone if it did already exist. Now, the behavior is to mkdir as necessary, but also always enforce that the owner and group IDs are set to the container UID and GID, and also to normalize the file permission mode.
This fixes some awkward user experience where an input path under the working dir path could cause the working dir to be created with root uid and gid... very irritating if your policy is the default, "routine", and thus has a different UID. In that situation, the CWD will now always be writable (though files underneath created by the other input specification may still have other permissions), which should result in a much smoother experience in this fairly common case.
Add normalization of the CWD perms to cradle's responsibilities.
The cradle package already does a bunch of work to make sure the container filesystem is a reasonable place to launch the user's process in. It's desirable to keep this interference to a minimum, because every thing we add here implicitly becomes part of repeatr's contract and is a potential leakage through the otherwise absolute specificity of formulas. In this case the reasons are still compelling: the path affected is specified by the formula; we are already interfering with that path; and this change set just refines the interference a bit. (We should still probably have a flag to disable this interference entirely; not having that is a somewhat shameful omission, but adding it is a separate task.)
Previously, the cradle behavior was to mkdir the CWD if it doesn't exist in the container filesystem, but to leave it entirely alone if it did already exist. Now, the behavior is to mkdir as necessary, but also always enforce that the owner and group IDs are set to the container UID and GID, and also to normalize the file permission mode.
This fixes some awkward user experience where an input path under the working dir path could cause the working dir to be created with root uid and gid... very irritating if your policy is the default, "routine", and thus has a different UID. In that situation, the CWD will now always be writable (though files underneath created by the other input specification may still have other permissions), which should result in a much smoother experience in this fairly common case.