Skip to content

Fix user extension no groups #348

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
T-Rajeev30 wants to merge 3 commits into from
Closed

Fix user extension no groups #348

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ffaa925
Display Docker build errors when builds fail (Fixes #35)
T-Rajeev30 Jan 29, 2026
8d53b10
Show docker build errors while preserving return behavior
T-Rajeev30 Jan 29, 2026
9bef5da
Fix User extension test failure when user has no groups
T-Rajeev30 Feb 3, 2026
File filter

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 21 additions & 13 deletions src/rocker/core.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -305,30 +305,38 @@ def base_image_exists(base_image, docker_client=None, output_callback=None):
# Re-raise other non-404 API errors from inspect
raise

def docker_build(docker_client = None, output_callback = None, **kwargs):
def docker_build(docker_client=None, output_callback=None, **kwargs):
Copy link
Copy Markdown
Collaborator

@tfoote tfoote Feb 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changes in this file look unrelated.
image_id = None

if not docker_client:
docker_client = get_docker_client()

kwargs['decode'] = True

for line in docker_client.build(**kwargs):
output = line.get('stream', '').rstrip()
if not output:
# print("non stream data", line)
continue
if output_callback is not None:
output_callback(output)
stream = line.get('stream', '').rstrip()
error = line.get('error', '').rstrip()

if stream:
if output_callback:
output_callback(stream)

match = re.match(r'Successfully built ([a-z0-9]{12})', output)
if match:
image_id = match.group(1)
match = re.match(r'Successfully built ([a-z0-9]{12})', stream)
if match:
image_id = match.group(1)

if error:
if output_callback:
output_callback(error)
print(error)
return None

if image_id:
return image_id
else:
print("no more output and success not detected")
return None

print("no more output and success not detected")
return None

def docker_remove_image(
image_id,
docker_client = None,
Expand Down
24 changes: 12 additions & 12 deletions src/rocker/templates/user_snippet.Dockerfile.em
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,18 +17,18 @@ RUN existing_user_by_uid=`getent passwd "@(uid)" | cut -f1 -d: || true` && \
groupadd -g "@(gid)" "@name"; \
fi && \
useradd --no-log-init --no-create-home --uid "@(uid)" @(str('-s ' + shell) if shell else '') -c "@(gecos)" -g "@(gid)" -d "@(dir)" "@(name)" && \
@[if user_groups != '']@
user_groups="@(user_groups)" && \
for groupinfo in ${user_groups}; do \
existing_group_by_name=`getent group ${groupinfo%;*} || true`; \
existing_group_by_gid=`getent group ${groupinfo#*;} || true`; \
if [ -z "${existing_group_by_name}" ] && [ -z "${existing_group_by_gid}" ]; then \
groupadd -g "${groupinfo#*;}" "${groupinfo%;*}" && usermod -aG "${groupinfo%;*}" "@(name)" @( ('|| (true && echo "user-preserve-group-permissive Enabled, continuing without processing group $groupinfo" )') if user_preserve_groups_permissive else '') || (echo "Failed to add group ${groupinfo%;*}, consider option --user-preserve-group-permissive" && exit 2); \
elif [ "${existing_group_by_name}" = "${existing_group_by_gid}" ]; then \
usermod -aG "${groupinfo%;*}" "@(name)" @( ('|| (true && echo "user-preserve-group-permissive Enabled, continuing without processing group $groupinfo" )') if user_preserve_groups_permissive else '') || (echo "Failed to adjust group ${groupinfo%;*}, consider option --user-preserve-group-permissive" && exit 2); \
fi; \
done && \
@[end if]@
user_groups="@(user_groups)" && \
Copy link
Copy Markdown
Collaborator

@tfoote tfoote Feb 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you explain why checking if it's an empty string in bash is different than checking if it's empty in the template?
if [ -n "${user_groups}" ]; then \
for groupinfo in ${user_groups}; do \
existing_group_by_name=`getent group ${groupinfo%;*} || true`; \
existing_group_by_gid=`getent group ${groupinfo#*;} || true`; \
if [ -z "${existing_group_by_name}" ] && [ -z "${existing_group_by_gid}" ]; then \
groupadd -g "${groupinfo#*;}" "${groupinfo%;*}" && usermod -aG "${groupinfo%;*}" "@(name)" @( ('|| (true && echo "user-preserve-group-permissive Enabled, continuing without processing group $groupinfo" )') if user_preserve_groups_permissive else '') || (echo "Failed to add group ${groupinfo%;*}, consider option --user-preserve-group-permissive" && exit 2); \
elif [ "${existing_group_by_name}" = "${existing_group_by_gid}" ]; then \
usermod -aG "${groupinfo%;*}" "@(name)" @( ('|| (true && echo "user-preserve-group-permissive Enabled, continuing without processing group $groupinfo" )') if user_preserve_groups_permissive else '') || (echo "Failed to adjust group ${groupinfo%;*}, consider option --user-preserve-group-permissive" && exit 2); \
fi; \
done; \
fi && \
echo "@(name) ALL=NOPASSWD: ALL" >> /etc/sudoers.d/rocker

@[if not home_extension_active ]@
Expand Down