diff --git a/input/Docker/Dockerfile b/input/Docker/Dockerfile index 555b026..0f9ff0f 100644 --- a/input/Docker/Dockerfile +++ b/input/Docker/Dockerfile @@ -11,7 +11,6 @@ RUN apt-get update \ && apt-get install --yes --no-install-recommends \ python3 \ python3-venv \ - gosu \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* @@ -19,8 +18,9 @@ RUN apt-get update \ # The CLI expects credentials/configuration from the mounted ~/.codex directory. RUN npm install --location=global @openai/codex -RUN groupadd -r codex && \ - useradd -r -m -g codex -s /bin/bash codex +RUN groupmod --new-name codex node \ + && usermod --login codex --home /home/codex --move-home node \ + && chown -R codex:codex /home/codex WORKDIR /app @@ -28,4 +28,6 @@ COPY watch_and_customize.py entrypoint.sh JobDescriptionNormalizerPrompt.md ./ RUN chmod +x /app/watch_and_customize.py /app/entrypoint.sh +USER codex + ENTRYPOINT ["/app/entrypoint.sh"] diff --git a/input/Docker/docker-compose.yml b/input/Docker/docker-compose.yml index 10789c3..f1ed568 100644 --- a/input/Docker/docker-compose.yml +++ b/input/Docker/docker-compose.yml @@ -8,8 +8,6 @@ services: container_name: RCEO-AI-ResumeCustomizer-InputProcessor restart: "no" environment: - PUID: "${LOCAL_UID:-1000}" - PGID: "${LOCAL_GID:-1000}" POLL_INTERVAL_SECONDS: "${POLL_INTERVAL_SECONDS:-5}" CODEX_TIMEOUT_SECONDS: "${CODEX_TIMEOUT_SECONDS:-600}" volumes: diff --git a/input/Docker/entrypoint.sh b/input/Docker/entrypoint.sh index 6e4bc77..5a36122 100755 --- a/input/Docker/entrypoint.sh +++ b/input/Docker/entrypoint.sh @@ -1,58 +1,14 @@ #!/usr/bin/env bash set -euo pipefail -USER_NAME=codex -PUID=${PUID:-1000} -PGID=${PGID:-1000} - -ensure_group() { - local desired_gid=$1 - local group_name - - if getent group "${desired_gid}" >/dev/null 2>&1; then - group_name=$(getent group "${desired_gid}" | cut -d: -f1) - echo "${group_name}" - return 0 - fi - - if getent group "${USER_NAME}" >/dev/null 2>&1; then - groupmod -o -g "${desired_gid}" "${USER_NAME}" - echo "${USER_NAME}" - return 0 - fi - - groupadd -o -g "${desired_gid}" "${USER_NAME}" - echo "${USER_NAME}" -} - -ensure_user() { - local desired_uid=$1 - local primary_group=$2 - - if getent passwd "${USER_NAME}" >/dev/null 2>&1; then - usermod -o -u "${desired_uid}" -g "${primary_group}" -d "/home/${USER_NAME}" -s /bin/bash "${USER_NAME}" - else - useradd -o -m -u "${desired_uid}" -g "${primary_group}" -s /bin/bash "${USER_NAME}" - fi -} - -GROUP_NAME=$(ensure_group "${PGID}") -ensure_user "${PUID}" "${GROUP_NAME}" - +USER_NAME=${USER_NAME:-codex} USER_HOME=$(eval echo "~${USER_NAME}") mkdir -p /workspace/inbox /workspace/outbox /workspace/processed /workspace/failed mkdir -p "${USER_HOME}/.codex" -for path in /workspace/inbox /workspace/outbox /workspace/processed /workspace/failed "${USER_HOME}" "${USER_HOME}/.codex"; do - if [ -e "${path}" ]; then - chown -R "${PUID}:${PGID}" "${path}" - fi -done - export HOME="${USER_HOME}" export XDG_CACHE_HOME="${USER_HOME}/.cache" mkdir -p "${XDG_CACHE_HOME}" -chown -R "${PUID}:${PGID}" "${XDG_CACHE_HOME}" -exec gosu "${PUID}:${PGID}" python3 /app/watch_and_customize.py +exec python3 /app/watch_and_customize.py