In Linux, use home from ${HOME} and not the current source for .m2 location

[edward2a]

Given the behaviour observed below, I'm assuming leningen is obtaining the user's home from getent or similar path instead of relying (or even considering) ${HOME}.

Using a docker container with an arbitrary runtime user, the following behaviour is observed:

When the user exists in the container (i.e. nobody):

• container invocation: docker run -ti --rm -v "${PWD}:/build" -w /build clj-builder:latest
• executing lein install will (try to) download dependencies to: <user's home>/.m2

Expected failure due to perms in /:

bash-5.0$ id
uid=65534(nobody) gid=65534(nobody)
bash-5.0$ getent passwd $(id -u)
nobody:x:65534:65534:nobody:/:/sbin/nologin
bash-5.0$ echo ${HOME}
/build
bash-5.0$ pwd
/build/source/test
bash-5.0$
bash-5.0$ lein install
Could not transfer artifact lein-midje:lein-midje:jar:3.2 from/to central (https://repo1.maven.org/maven2/): /.m2/repository/lein-midje/lein-midje/3.2/lein-midje-3.2.jar.part.lock (No such file or directory)
Could not transfer artifact lein-midje:lein-midje:jar:3.2 from/to clojars (https://repo.clojars.org/): /.m2/repository/lein-midje/lein-midje/3.2/lein-midje-3.2.jar.part.lock (No such file or directory)
Could not transfer artifact lein-midje:lein-midje:pom:3.2 from/to central (https://repo1.maven.org/maven2/): /.m2/repository/lein-midje/lein-midje/3.2/lein-midje-3.2.pom.part.lock (No such file or directory)
This could be due to a typo in :dependencies, file system permissions, or network issues.
If you are behind a proxy, try setting the 'http_proxy' environment variable.
bash-5.0$ exit

When the user DOES NOT exist in the container (i.e. nobody):

• container invocation: docker run -ti --rm -v "${PWD}:/build" -w /build --user ${UID}:${UID} clj-builder:latest
• executing lein install will download dependencies to the following path: /?/.m2

Successfully downloaded to the wrong place:

bash-5.0$ id
uid=10000 gid=10000
bash-5.0$ getent passwd $(id -u)
bash-5.0$ getent passwd 10000
bash-5.0$ echo ${HOME}
/build
bash-5.0$ pwd
/build/source/test
bash-5.0$ ls -la
total 12
drwxr-xr-x    2 10000    10000         4096 Jan 16 01:53 .
drwxr-xr-x   10 10000    10000         4096 Jan 16 01:05 ..
-rw-r--r--    1 10000    10000          358 Jan 16 01:04 project.clj
bash-5.0$ 
bash-5.0$ lein install
Retrieving lein-midje/lein-midje/3.2/lein-midje-3.2.pom from clojars
Retrieving lein-midje/lein-midje/3.2/lein-midje-3.2.jar from clojars
Retrieving org/clojure/clojure/1.8.0/clojure-1.8.0.pom from central
Retrieving org/sonatype/oss/oss-parent/7/oss-parent-7.pom from central
Retrieving org/clojure/clojure/1.8.0/clojure-1.8.0.jar from central
Created /build/source/test/target/blah-0.1.0-SNAPSHOT.jar
Wrote /build/source/test/pom.xml
Installed jar and pom into local repo.
bash-5.0$ ls -la ~/.m2
ls: /build/.m2: No such file or directory
bash-5.0$ ls -la
total 24
drwxr-xr-x    4 10000    10000         4096 Jan 16 01:55 .
drwxr-xr-x   10 10000    10000         4096 Jan 16 01:05 ..
drwxr-xr-x    3 10000    10000         4096 Jan 16 01:55 ?
-rw-r--r--    1 10000    10000         2127 Jan 16 01:55 pom.xml
-rw-r--r--    1 10000    10000          358 Jan 16 01:04 project.clj
drwxr-xr-x    4 10000    10000         4096 Jan 16 01:55 target
bash-5.0$ ls -la \?/
total 12
drwxr-xr-x    3 10000    10000         4096 Jan 16 01:55 .
drwxr-xr-x    4 10000    10000         4096 Jan 16 01:55 ..
drwxr-xr-x    3 10000    10000         4096 Jan 16 01:55 .m2
bash-5.0$

Build run-time dockerfile:

FROM alpine:3.11

RUN apk update && apk add bash openjdk8-jre curl make && \
    mkdir /build && \
    curl -o /usr/local/bin/lein https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein && \
    chmod +x /usr/local/bin/lein

USER nobody
ENV HOME=/build
CMD /bin/bash

Test project:

(defproject com.realreadme/blah "0.1.0-SNAPSHOT"
  :description "Common library for apps"
  :dependencies [[org.clojure/clojure "1.8.0"]]
  :profiles {:uberjar {:aot :all}
             :dev     {:dependencies [[midje "1.8.3"]]
                       :plugins      [[lein-midje "3.2"]]
                       :aliases      {"test" ["midje"]}}
             })

[glts]

See also #2318.

[technomancy]

I think this is an issue upstream with Aether; we don't do anything to set the default location of the local repo.