From 261c2c744e0c79283417ed3494d37e801e008962 Mon Sep 17 00:00:00 2001
From: david-i-berry <dberry@wmo.int>
Date: Mon, 19 Aug 2024 22:23:10 +0200
Subject: [PATCH] Revert back to hard coded uid and gid.

---
 .github/workflows/test-docker.yml | 18 +-----------------
 docker/Dockerfile                 | 16 +++++-----------
 docker/entrypoint.sh              | 11 -----------
 docker/tests/docker-compose.yml   |  2 +-
 4 files changed, 7 insertions(+), 40 deletions(-)

diff --git a/.github/workflows/test-docker.yml b/.github/workflows/test-docker.yml
index 9660739..135b8db 100644
--- a/.github/workflows/test-docker.yml
+++ b/.github/workflows/test-docker.yml
@@ -18,28 +18,15 @@ jobs:
       - name: Build test environment
         working-directory: docker/tests
         run: |
-          # create env file
-          export USER_ID="$(id -u)"
-          export GROUP_ID="$(id -g)"
-          echo "${GROUP_ID}:${USER_ID}"
           docker compose build
-          # make sure data directory exists has correct permissions
-          mkdir ./data
-          sudo chown -R "$(id -g)":"$(id -u)" ./data
       - name: Run containers
         working-directory: docker/tests
         run: |
-          export USER_ID="$(id -u)"
-          export GROUP_ID="$(id -g)"          
-          echo "${GROUP_ID}:${USER_ID}"
           docker compose up -d
       - name: Run CLI tests
         working-directory: docker/tests
         run: |
-          sleep 10s
-          docker logs subscriber
           echo "Testing adding subscription"
-          docker ps
           # test adding a subscription
           docker exec subscriber  bash -c "source /home/wis2downloader/.venv/bin/activate && wis2downloader add-subscription --topic cache/a/wis2/+/services/#" 
           # test listing subscriptions
@@ -59,10 +46,7 @@ jobs:
           docker exec subscriber bash -c "source /home/wis2downloader/.venv/bin/activate && wis2downloader remove-subscription --topic cache/a/wis2/+/services/#"
       - name: Run API tests
         working-directory: docker/tests
-        run: |
-          export USER_ID="$(id -u)"
-          export GROUP_ID="$(id -g)"          
-          echo "${GROUP_ID}:${USER_ID}"          
+        run: |          
           # get metrics
           curl http://localhost:5000/metrics          
           # test adding a subscription          
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 15f32e1..68bb99f 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -15,23 +15,18 @@ ENV DOWNLOAD_VALIDATE_TOPICS "false"
 ENV DOWNLOAD_WORKERS 8
 ENV LOG_PATH "/home/wis2downloader/app/logs"
 ENV WIS2DOWNLOADER_CONFIG "/home/wis2downloader/app/config/config.json"
-ENV HOST_UID 1002
-ENV HOST_GID 1002
+ENV HOST_UID 1001
+ENV HOST_GID 1001
 
 # Update, upgrade packages and install / clean up
 RUN apt-get update && \
     apt-get upgrade && \
-    apt-get install -y gettext-base=0.21-12 curl=7.88.1-10+deb12u6 cron=3.0pl1-162 git=1:2.39.2-1.1 sudo && \
+    apt-get install -y gettext-base=0.21-12 curl=7.88.1-10+deb12u6 cron=3.0pl1-162 git=1:2.39.2-1.1 && \
     rm -rf /var/lib/apt/lists/*
 
 # Now setup python env and default user
-# RUN groupadd -g "$GROUP_ID" wis2 && \
-#     useradd -l -u "$USER_ID" wis2downloader && \
-#     usermod -aG wis2 wis2downloader
-
-# Now setup python env and default user
-RUN groupadd wis2 && \
-    useradd wis2downloader && \
+RUN groupadd -g "$GROUP_ID" wis2 && \
+    useradd -l -u "$USER_ID" wis2downloader && \
     usermod -aG wis2 wis2downloader
 
 USER wis2downloader
@@ -71,7 +66,6 @@ HEALTHCHECK --interval=1m --timeout=3s \
   CMD curl -f http://localhost:5000/subscriptions || exit 1
 
 # Final step as root user, updated in entrypoint
-USER root
 ENTRYPOINT [ "/home/wis2downloader/app/entrypoint.sh" ]
 # Run wis2downloader when the container launches
 CMD ["/bin/bash", "-c", "gunicorn --bind 0.0.0.0:5000 --workers 1 wis2downloader.app:app"]
\ No newline at end of file
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 5b14d5f..cdef573 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -1,13 +1,4 @@
 #!/bin/bash
-# Update build uid and gid to align with those of instance
-usermod -u ${HOST_UID} wis2downloader
-usermod -s /bin/bash wis2downloader
-groupmod -g ${HOST_GID} wis2
-
-# now demote to wis2downlaoder user
-su - wis2downloader
-echo "Running entrypoint as $(whoami)"
-# print the download_dir
 echo "Download directory in container: $DOWNLOAD_DIR"
 
 # ensure DOWNLOAD_DIR exists
@@ -16,8 +7,6 @@ if [ ! -d "$DOWNLOAD_DIR" ]; then
     mkdir -p "$DOWNLOAD_DIR"
 fi
 
-ls -althF "$DOWNLOAD_DIR"
-
 envsubst < /home/wis2downloader/app/config/config.template > /home/wis2downloader/app/config/config.json
 
 # if session-info.json does not exists in $DOWNLOAD_DIR, create it
diff --git a/docker/tests/docker-compose.yml b/docker/tests/docker-compose.yml
index 37437cb..9cd3aa6 100644
--- a/docker/tests/docker-compose.yml
+++ b/docker/tests/docker-compose.yml
@@ -33,7 +33,7 @@ services:
         - "5000:5000"
       depends_on:
         - broker
-      # user: ${USER_ID}:${GROUP_ID}
+      user: "1001:1001"
       volumes:
         - ./data:/home/wis2downloader/app/data/downloads:rw