Skip to content

Commit

Permalink
Enhance user context handling in Spin script
Browse files Browse the repository at this point in the history 
- Introduced SPIN_RUN_AS_USER environment variable to specify the user running the Spin commands, improving flexibility and clarity.
- Updated multiple Docker run commands in functions.sh to utilize SPIN_RUN_AS_USER instead of directly calling `whoami`, ensuring consistent user context across operations.
  • Loading branch information
@jaydrogers
jaydrogers committed Jan 14, 2025
1 parent 0e93dd4 commit f0e9c78
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
2 changes: 2 additions & 0 deletions bin/spin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,10 @@ export COMPOSE_CMD=${COMPOSE_CMD:-"docker compose"}
# Export the current user and group ID
SPIN_USER_ID=${SPIN_USER_ID:-$(id -u)}
SPIN_GROUP_ID=${SPIN_GROUP_ID:-$(id -g)}
SPIN_RUN_AS_USER=${SPIN_RUN_AS_USER:-$(whoami)}
export SPIN_USER_ID
export SPIN_GROUP_ID
export SPIN_RUN_AS_USER

# Default Images
SPIN_PHP_IMAGE=${SPIN_PHP_IMAGE:-"serversideup/php:cli"}
Expand Down
10 changes: 5 additions & 5 deletions lib/functions.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -480,7 +480,7 @@ get_ansible_variable(){
raw_output=$(docker run --rm -i \
-e "PUID=${SPIN_USER_ID}" \
-e "PGID=${SPIN_GROUP_ID}" \
-e "RUN_AS_USER=$(whoami)" \
-e "RUN_AS_USER=${SPIN_RUN_AS_USER}" \
-e "ANSIBLE_STDOUT_CALLBACK=minimal" \
-e "ANSIBLE_DISPLAY_SKIPPED_HOSTS=false" \
-e "ANSIBLE_DISPLAY_OK_HOSTS=false" \
Expand Down Expand Up @@ -883,7 +883,7 @@ prepare_ansible_run() {
docker run --rm -it \
-e "PUID=${SPIN_USER_ID}" \
-e "PGID=${SPIN_GROUP_ID}" \
-e "RUN_AS_USER=$(whoami)" \
-e "RUN_AS_USER=${SPIN_RUN_AS_USER}" \
-v "$SPIN_ANSIBLE_COLLECTIONS_PATH:/etc/ansible/collections" \
"$SPIN_ANSIBLE_IMAGE" \
ansible-galaxy collection install "${SPIN_ANSIBLE_COLLECTION_NAME}" --force
Expand Down Expand Up @@ -1222,7 +1222,7 @@ run_ansible() {
docker run --rm -it \
-e "PUID=${SPIN_USER_ID}" \
-e "PGID=${SPIN_GROUP_ID}" \
-e "RUN_AS_USER=$(whoami)" \
-e "RUN_AS_USER=${SPIN_RUN_AS_USER}" \
"${additional_docker_args[@]}" \
"$SPIN_ANSIBLE_IMAGE" \
"${ansible_args[@]}"
Expand Down Expand Up @@ -1301,7 +1301,7 @@ run_gh() {
docker run --rm $interactive_flag \
-e "PUID=${SPIN_USER_ID}" \
-e "PGID=${SPIN_GROUP_ID}" \
-e "RUN_AS_USER=$(whoami)" \
-e "RUN_AS_USER=${SPIN_RUN_AS_USER}" \
-v "$(pwd):/app" \
-v "$HOME/.config/gh:/config/gh:rw" \
"${additional_docker_args[@]}" \
Expand Down Expand Up @@ -1339,7 +1339,7 @@ set_ansible_vault_args() {
docker run --rm -i \
-e "PUID=${SPIN_USER_ID}" \
-e "PGID=${SPIN_GROUP_ID}" \
-e "RUN_AS_USER=$(whoami)" \
-e "RUN_AS_USER=${SPIN_RUN_AS_USER}" \
-v "$(pwd):/ansible" \
"$SPIN_ANSIBLE_IMAGE" \
ansible-vault view --vault-password-file="/ansible/.vault-password" "$variable_file" > /dev/null 2>&1
Expand Down

0 comments on commit f0e9c78

Please sign in to comment.