Description
Changes in the 4.0.0 beta that tell the docker container to run as a particular user break using the mounted SSH keys for pip. Specifically, #145
part of the cmdOptions
that are sent to docker include mounting ~/.ssh/id_rsa as /root/.ssh/id_rsa within the docker container. An ssh key present is required when a line in pip requirements.txt looks like
git+ssh://git@github.com/....
Mounting it as /root/ requires that the docker user also be root.
Looking through the code, and experimenting with different versions of serverless-python-requirements, it looks like setting the docker user to be root all the time (the default) is fine. the .serverless
directory always seems owned by the current host user. We have tested using v4.0.x, and v3.3.1 on windows, linux and mac. and we were fine.
Could it be that using a non-root user in docker is not the best way to handle the cache-dir issue for pip? One thought here is to provide --cache-dir=.serverless/pipCache in order to have the cache exist outside docker and serve a useful purpose over multiple builds.