30 replies

issues when pushing a template with restricted file permissions

hello!

i'm trying to use nix to package my coder templates, and i ran into an odd edge case when doing so

it seems that when directories without write privileges are added (e.g., when they're in the nix store), the provisioner preserves these when writing to its tempdir, and is then not able to continue extracting the archive

this is the error i see locally:

running command "coder templates create": run parse: recv parse source: extract archive: mkdir "/Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common": mkdir /Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common: permission denied

running command "coder templates create": run parse: recv parse source: extract archive: mkdir "/Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common": mkdir /Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common: permission denied

one can repro this without nix by:
- removing write privs on their template directory (

chmod -R ugo-w [some subdirectory]

chmod -R ugo-w [some subdirectory]

)
- tarballing the template dir

tar cvf ../my-template.tar *.tf [some subdirectory]

tar cvf ../my-template.tar *.tf [some subdirectory]

- trying to push the template

cat ../my-template.tar | coder templates push -d - my-template --yes

cat ../my-template.tar | coder templates push -d - my-template --yes

am i missing some flag to skip preserving permissions? also happy to file a gh issue if preferred

Coder.com•3y ago•

30 replies

not denbeigh

issues when pushing a template with restricted file permissions

running command "coder templates create": run parse: recv parse source: extract archive: mkdir "/Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common": mkdir /Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common: permission denied

running command "coder templates create": run parse: recv parse source: extract archive: mkdir "/Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common": mkdir /Users/denbeigh/Library/Caches/coder/provisioner-0/work/Sessiona7c00ede-b7e4-4627-a792-91c3beb2d7a6/modules/common: permission denied

one can repro this without nix by:
- removing write privs on their template directory (

chmod -R ugo-w [some subdirectory]

chmod -R ugo-w [some subdirectory]

)
- tarballing the template dir

tar cvf ../my-template.tar *.tf [some subdirectory]

tar cvf ../my-template.tar *.tf [some subdirectory]

- trying to push the template

cat ../my-template.tar | coder templates push -d - my-template --yes

cat ../my-template.tar | coder templates push -d - my-template --yes

am i missing some flag to skip preserving permissions? also happy to file a gh issue if preferred

issues when pushing a template with restricted file permissions

Similar Threads

issues when pushing a template with restricted file permissions

Similar Threads

Similar Threads

Similar Threads