Permission error

[eleijonmarck]

I am running from docker.

But I am getting permission error:

❯ docker run --rm -it -v $(pwd):/generated -e myuid="$(id -u):$(id -g)" sudokar/generator-tf-module

     _-----_
    |       |    ╭──────────────────────────╮
    |--(o)--|    │ Welcome to the tf-module │
   `---------´   │     generator v0.7.0!    │
    ( _´U`_ )    ╰──────────────────────────╯
    /___A___\   /
     |  ~  |
   __'.___.'__
 ´   `  |° ´ Y `

? Enter name for the new terraform module :  hello
? Enter description for the new terraform module :
? Enter author name :
? Choose terraform version 0.13
? Choose test framework Terratest
Error: EACCES: permission denied, mkdir '/generated/hello'
    at Object.mkdirSync (fs.js:947:3)
    at AsyncFunction.module.exports.sync (/usr/local/lib/node_modules/generator-tf-module/node_modules/make-dir/index.js:114:6)
    at module.exports.destinationRoot (/usr/local/lib/node_modules/generator-tf-module/node_modules/yeoman-generator/lib/index.js:1350:17)
    at module.exports.writing (/usr/local/lib/node_modules/generator-tf-module/generators/app/index.js:69:10)
    at Object.<anonymous> (/usr/local/lib/node_modules/generator-tf-module/node_modules/yeoman-generator/lib/index.js:976:25)
    at /usr/local/lib/node_modules/generator-tf-module/node_modules/run-async/index.js:49:25
    at new Promise (<anonymous>)
    at /usr/local/lib/node_modules/generator-tf-module/node_modules/run-async/index.js:26:19
    at runLoop.add.once.once (/usr/local/lib/node_modules/generator-tf-module/node_modules/yeoman-generator/lib/index.js:977:11)
    at processImmediate (internal/timers.js:458:21)

[sudokar]

Hi @eleijonmarck,

Thanks for raising this issue. Can you please share your OS and Docker version to look into it.

[eleijonmarck]

Ubuntu 20.04

❯ docker version
Client: Docker Engine - Community
 Version:           19.03.8
 API version:       1.40
 Go version:        go1.12.17
 Git commit:        afacb8b7f0
 Built:             Wed Mar 11 01:25:55 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.8
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.17
  Git commit:       afacb8b7f0
  Built:            Wed Mar 11 01:24:26 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

[sudokar]

Hi @eleijonmarck,

I pushed a bugfix version, can you please give a test and let me know. Below is the command to test with the bugfix version.

docker run --rm -it -v $(pwd):/generated -e myuid="$(id -u):$(id -g)" sudokar/generator-tf-module:0.7.0-permission-fix

[eleijonmarck]

it gave me this

? Choose test framework Terratest
   create .editorconfig
internal/fs/utils.js:308
    throw err;
    ^

Error: EACCES: permission denied, open '/generated/.editorconfig'
    at Object.openSync (fs.js:476:3)
    at Object.writeFileSync (fs.js:1467:35)
    at write (/usr/local/lib/node_modules/generator-tf-module/node_modules/mem-fs-editor/lib/actions/commit.js:15:6)
    at DestroyableTransform._transform (/usr/local/lib/node_modules/generator-tf-module/node_modules/mem-fs-editor/lib/actions/commit.js:49:7)
    at DestroyableTransform.Transform._read (/usr/local/lib/node_modules/generator-tf-module/node_modules/readable-stream/lib/_stream_transform.js:177:10)
    at DestroyableTransform.Transform._write (/usr/local/lib/node_modules/generator-tf-module/node_modules/readable-stream/lib/_stream_transform.js:164:83)
    at doWrite (/usr/local/lib/node_modules/generator-tf-module/node_modules/readable-stream/lib/_stream_writable.js:409:139)
    at writeOrBuffer (/usr/local/lib/node_modules/generator-tf-module/node_modules/readable-stream/lib/_stream_writable.js:398:5)
    at DestroyableTransform.Writable.write (/usr/local/lib/node_modules/generator-tf-module/node_modules/readable-stream/lib/_stream_writable.js:307:11)
    at DestroyableTransform.ondata (/usr/local/lib/node_modules/generator-tf-module/node_modules/readable-stream/lib/_stream_readable.js:681:20) {
  errno: -13,
  syscall: 'open',
  code: 'EACCES',
  path: '/generated/.editorconfig'
}

[skoenig]

I encountered the same problem - seems like the typical permissions issue with Docker bind-mounted volumes. The directory /generated is still owned by user witrh UID 1000 (which is my local user's UID) while yeoman has UID 1001:

$ docker run --rm -it --entrypoint ls  -v $(pwd):/generated -e myuid="$(id -u):$(id -g)" sudokar/generator-tf-module -ldn /generated
drwxr-xr-x    2 1000     1000          4096 Jun  2 06:39 /generated
$ docker run --rm -it --entrypoint grep  -v $(pwd):/generated -e myuid="$(id -u):$(id -g)" sudokar/generator-tf-module yeoman /etc/passwd
yeoman:x:1001:1001:Linux User,,,:/home/yeoman:/bin/ash

[vincentvdk]

If you are using podman you can map the user in the container to the one on the host using:

podman run --rm -it -v $(pwd):/generated --user 1001:1001 --userns keep-id:uid=1001,gid=1001 sudokar/generator-tf-module

Not sure if Docker has the same implementation (syntax)