-
Notifications
You must be signed in to change notification settings - Fork 566
-
Notifications
You must be signed in to change notification settings - Fork 566
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What's the best practice to work with helmfile inside the container #1134
Comments
@jizusun Hey! I have never tried to use the helmfile image that way, but I've experimented a bit and came up with this working command:
So without modifying the image, it seems like Would this work for you, too? |
Oh thank you @mumoshu ❤️ With the command you mentioned the file permission is not a problem any more. That is, with the new user, the helm plugins required are missing, because they were installed into somewhere in the
Thus
|
@jizusun Hey! Thanks - But I don't understand why that affects plugin installation. I was assuming not, as the plugins would be installed under |
I guess, the volume mounts won't affect that path, but since we use
I mean we'd better use a non-root user in the Do you agree? |
@jizusun Thanks! That makes sense. Regarding your suggestion, I don't disagree, but I'm not sure how it would work in practice. If we used build args like https://github.com/jupyter/docker-stacks/blob/dc9744740e128ad7ca7c235d5f54791883c2ea69/base-notebook/Dockerfile#L12-L14, we can't customize it to match your actual UID at runtime(=what So I have two options in my mind. (1) Make |
Hey, you can look at the image created by Codefresh: |
If running as the user in the host is indeed needed, the best solution that I can think of is |
Resolves roboll#1134 Co-authored-by: Antony Perigault <antony.perigault@cpexterne.org>
I really love the out-of-the-box docker images at https://quay.io/roboll/helmfile
And the Dockerfiles: https://github.com/roboll/helmfile/blob/master/Dockerfile.helm3
My approach is to mount my project folder (or only the helm chart folder) into the container (from my
Makefile
):However, the user in the container is
root
, so afterhelmfile apply
, i will get*.tgz
with permissionsuser: root, group: root
under the sub-folder. To work with it out of the container, i have to usesudo
.Is it better if we add a non-root user in the
Dockerfile
?Like the following:
I would like to create a pull request if any maintainer agree with me 😸
Thanks.
The text was updated successfully, but these errors were encountered: