GCloud CLI Container as a Different User

TL;DR

The key is to start the container with the HOME environment variable set to something writeable, such as /tmp/gcloud.

    docker run --rm -it --user 1001 -e HOME=/tmp/gcloud gcr.io/google.com/cloudsdktool/cloud-sdk

Details

The GCP tools automatically set up a GCP config directory, which includes a log of all the commands that are run. Typically this is in ~/.config/gcloud/. Out of the box, the container has users with UID=0 and UID=1000:

    root:x:0:0:root:/root:/bin/bash
    ...
    cloudsdk:x:1000:1000::/home/cloudsdk:/bin/bash

This means that if you run it with the defaults, you end up with UID=0, which exists and has a writeable home. If you are the only user on your system and start the container with --user 1000, you also end up with a writeable home, and everything works. ...

June 30, 2023 · Nigel Sim

Static Website Hosting with Docker and Salt

Containerisation of services has numerous advantages in terms of repeatability, security, etc. This is all well and good for an application server and related infrastructure, but how do you do this in a lightweight fashion, for instance, when serving static websites? The ultimate goal is to be able to leverage the benefits of modern devops with low overhead. This blog, for instance, is hosted on a VPS with 1GB RAM. To do this we utilise: ...

April 7, 2020 · Nigel Sim