Ensure the RUN_AS ownership applies to the DB's named volume

See conversation [here](sartography#2096 (comment)). Tested locally; it works!
mogul · Oct 2, 2024 · 27cc521 · 27cc521
1 parent 341a89c
commit 27cc521
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -13,12 +13,24 @@ services:
     ports:
       - "${SPIFFWORKFLOW_FRONTEND_PORT:-8001}:${SPIFFWORKFLOW_FRONTEND_PORT:-8001}/tcp"
 
+  # Ensure that the RUN_AS user is able to write to the named volume where the sqlite DB will be
+  # Solution via https://stackoverflow.com/a/73255981
+  match-volume-ownership:
+    image: alpine
+    restart: "no"
+    entrypoint: |
+      /bin/sh -c "chown ${RUN_AS:-0:0} /app/db_volume"
+    volumes:
+      - spiffworkflow_backend_db:/app/db_volume:rw
+
   spiffworkflow-backend:
     container_name: spiffworkflow-backend
     image: ghcr.io/sartography/spiffworkflow-backend:latest
     # Enable setting the ownership of created files to match the local user:group. For example:
     #     RUN_AS="$(id -u):$(id -g)" docker compose up -d
     user: ${RUN_AS:-0:0}
+    depends_on:
+      - match-volume-ownership
     environment:
       SPIFFWORKFLOW_BACKEND_ENV: "local_docker"
       FLASK_DEBUG: "0"