reachableceo/ResumeCustomizer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(input): run watcher as codex user

Browse Source
This commit is contained in:
Charles N Wyble - admin
2025-10-15 17:38:07 -05:00
parent 92fc6e5d68
commit b359b39b50
3 changed files with 7 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
input/Docker/Dockerfile
View File

@@ -11,7 +11,6 @@ RUN apt-get update \
&& apt-get install --yes --no-install-recommends \ && apt-get install --yes --no-install-recommends \
python3 \ python3 \
python3-venv \ python3-venv \
gosu \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
@@ -19,8 +18,9 @@ RUN apt-get update \
# The CLI expects credentials/configuration from the mounted ~/.codex directory. # The CLI expects credentials/configuration from the mounted ~/.codex directory.
RUN npm install --location=global @openai/codex RUN npm install --location=global @openai/codex
RUN groupadd -r codex && \ RUN groupmod --new-name codex node \
useradd -r -m -g codex -s /bin/bash codex && usermod --login codex --home /home/codex --move-home node \
&& chown -R codex:codex /home/codex
WORKDIR /app WORKDIR /app
@@ -28,4 +28,6 @@ COPY watch_and_customize.py entrypoint.sh JobDescriptionNormalizerPrompt.md ./
RUN chmod +x /app/watch_and_customize.py /app/entrypoint.sh RUN chmod +x /app/watch_and_customize.py /app/entrypoint.sh
USER codex
ENTRYPOINT ["/app/entrypoint.sh"] ENTRYPOINT ["/app/entrypoint.sh"]

2
input/Docker/docker-compose.yml
View File

@@ -8,8 +8,6 @@ services:
container_name: RCEO-AI-ResumeCustomizer-InputProcessor container_name: RCEO-AI-ResumeCustomizer-InputProcessor
restart: "no" restart: "no"
environment: environment:
PUID: "${LOCAL_UID:-1000}"
PGID: "${LOCAL_GID:-1000}"
POLL_INTERVAL_SECONDS: "${POLL_INTERVAL_SECONDS:-5}" POLL_INTERVAL_SECONDS: "${POLL_INTERVAL_SECONDS:-5}"
CODEX_TIMEOUT_SECONDS: "${CODEX_TIMEOUT_SECONDS:-600}" CODEX_TIMEOUT_SECONDS: "${CODEX_TIMEOUT_SECONDS:-600}"
volumes: volumes:

48
input/Docker/entrypoint.sh
View File

@@ -1,58 +1,14 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
USER_NAME=codex USER_NAME=${USER_NAME:-codex}
PUID=${PUID:-1000}
PGID=${PGID:-1000}
ensure_group() {
local desired_gid=$1
local group_name
if getent group "${desired_gid}" >/dev/null 2>&1; then
group_name=$(getent group "${desired_gid}" | cut -d: -f1)
echo "${group_name}"
return 0
fi
if getent group "${USER_NAME}" >/dev/null 2>&1; then
groupmod -o -g "${desired_gid}" "${USER_NAME}"
echo "${USER_NAME}"
return 0
fi
groupadd -o -g "${desired_gid}" "${USER_NAME}"
echo "${USER_NAME}"
}
ensure_user() {
local desired_uid=$1
local primary_group=$2
if getent passwd "${USER_NAME}" >/dev/null 2>&1; then
usermod -o -u "${desired_uid}" -g "${primary_group}" -d "/home/${USER_NAME}" -s /bin/bash "${USER_NAME}"
else
useradd -o -m -u "${desired_uid}" -g "${primary_group}" -s /bin/bash "${USER_NAME}"
fi
}
GROUP_NAME=$(ensure_group "${PGID}")
ensure_user "${PUID}" "${GROUP_NAME}"
USER_HOME=$(eval echo "~${USER_NAME}") USER_HOME=$(eval echo "~${USER_NAME}")
mkdir -p /workspace/inbox /workspace/outbox /workspace/processed /workspace/failed mkdir -p /workspace/inbox /workspace/outbox /workspace/processed /workspace/failed
mkdir -p "${USER_HOME}/.codex" mkdir -p "${USER_HOME}/.codex"
for path in /workspace/inbox /workspace/outbox /workspace/processed /workspace/failed "${USER_HOME}" "${USER_HOME}/.codex"; do
if [ -e "${path}" ]; then
chown -R "${PUID}:${PGID}" "${path}"
fi
done
export HOME="${USER_HOME}" export HOME="${USER_HOME}"
export XDG_CACHE_HOME="${USER_HOME}/.cache" export XDG_CACHE_HOME="${USER_HOME}/.cache"
mkdir -p "${XDG_CACHE_HOME}" mkdir -p "${XDG_CACHE_HOME}"
chown -R "${PUID}:${PGID}" "${XDG_CACHE_HOME}"
exec gosu "${PUID}:${PGID}" python3 /app/watch_and_customize.py exec python3 /app/watch_and_customize.py