Better permissions on the build-in-docker scripts

ibmmqmet · ibmmqmet · commit 508b6e113aca · 2019-04-01T12:40:15.000+01:00
diff --git a/Dockerfile b/Dockerfile
@@ -66,7 +66,9 @@ COPY buildInDocker.sh $GOPATH
 RUN chmod 777 $GOPATH/buildInDocker.sh
 
 # Copy the rest of the source tree from this directory into the container
+# And make sure it's readable by the id that will run the compiles (not just root)
 COPY . $GOPATH/src/$ORG/$REPO
+RUN chmod -R a+rx $GOPATH/src
 
 # Set the entrypoint to the script that will do the compilation
 ENTRYPOINT $GOPATH/buildInDocker.sh
diff --git a/buildInDocker.sh b/buildInDocker.sh
@@ -20,6 +20,9 @@
 export PATH="${PATH}:/usr/lib/go-${GOVERSION}/bin:/go/bin"
 export CGO_CFLAGS="-I/opt/mqm/inc/"
 export CGO_LDFLAGS_ALLOW="-Wl,-rpath.*"
+export GOCACHE=/tmp/.gocache
+
+echo "Running as " `id`
 
 # Build the libraries so they can be used by other programs
 cd $GOPATH/src
diff --git a/buildSamples.sh b/buildSamples.sh
@@ -42,11 +42,17 @@ then
   rm -rf $OUTBINDIR $OUTPKGDIR >/dev/null 2>&1
   mkdir -p $OUTBINDIR $OUTPKGDIR
 
+  # The container will be run as the current user to ensure files
+  # written back to the host image are owned by that person instead of root.
+  uid=`id -u`
+  gid=`id -g`
+
   # Mount an output directory
   # Delete the container once it's done its job
   docker run --rm \
-          -v $OUTBINDIR:$GOPATH/bin:z \
-          -v $OUTPKGDIR:$GOPATH/pkg:z \
+          --user $uid:$gid \
+          -v $OUTBINDIR:$GOPATH/bin \
+          -v $OUTPKGDIR:$GOPATH/pkg \
           $TAG:$VER
   echo "Compiled samples should now be in $OUTBINDIR"
 fi
