4

I'm trying to deploy a Create React App webapp on OpenShift using a Dockerfile. The OpenShift build completes successfully and when I visit the route I'm able to see the application running for 1 second and then this error comes on the screen:

Failed to compile
EACCES: permission denied, open '/home/node/app/.eslintcache'

I don't understand why the permission denied error is coming because I've assigned the directory permissions needed to the node user provided by the node Docker image in my Dockerfile.

Here's my Dockerfile:

FROM node:14-alpine

RUN mkdir -p /home/node/app &&\
 chmod -R 775 /home/node/app &&\
 chown -R node:node /home/node/app
WORKDIR /home/node/app

COPY package*.json /home/node/app/
USER node
RUN npm install

COPY --chown=node:node . /home/node/app
EXPOSE 3000
CMD ["npm", "start"]

Software versions:
react-scripts 4.0.1
OpenShift 4.2, 4.4, 4.5 (Tried with all)

Here's the tutorial I used as reference and the source repo.

Update:
Thanks to Will Gordon's answer, I was able to figure it out. OpenShift expects you to specify the user ID and not the name. Also, OpenShift runs containers as a random ID belonging to group 0 so permission for that group needs to be specified. Here's the working Dockerfile:

FROM node:14-alpine

RUN mkdir -p /home/node/app &&\
 chown -R node:node /home/node/app
WORKDIR /home/node/app

RUN chgrp -R 0 /home/node/app &&\
 chmod -R g+rwX /home/node/app

COPY package*.json /home/node/app/
USER 1000
RUN npm install

COPY --chown=node:node . /home/node/app
EXPOSE 3000
CMD ["npm", "start"]
Abhijeet Singh
  • 994
  • 11
  • 27
  • u need to cd into /home/node/app/ before npm install – Someone Special Nov 29 '20 at 11:48
  • Isn't that what `WORKDIR /home/node/app` is for? My Dockerfile is very similar to the solution in [this question](https://stackoverflow.com/questions/42363105/permission-denied-mkdir-in-container-on-openshift). Further, the Dockerfile gives no errors at build so I'm assuming the permissions are fine. It's the new `.eslintcache` file that latest `react-scripts` versions have started to create is what's causing the problem. – Abhijeet Singh Nov 29 '20 at 12:01

1 Answers1

3

You're setting up a specific user and permissions for that user. OpenShift's default configuration is to run containers with a random UID. It's recommended to use the root GID (GID 0) when setting permissions, instead of UIDs, as OpenShift will automatically apply GID 0 to the user.

You can find more guidelines on creating images for OpenShift in the documentation https://docs.openshift.com/container-platform/3.11/creating_images/guidelines.html#openshift-specific-guidelines

Will Gordon
  • 3,303
  • 2
  • 11
  • 22