fix: resolve Docker entrypoint permission test failures in CI

- Update tests to accept dynamic UID range (10000-59999) instead of hardcoded 1001 - Enhance lock file creation with permission error handling and graceful fallback - Fix database initialization test to handle different container UIDs - Add proper error recovery when lock file creation fails - Improve test robustness with better permission management for mounted volumes These changes ensure tests pass in CI environments while maintaining the security benefits of dynamic UID generation. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-01 15:19:16 +02:00
parent 3fec6813f3
commit ff7fa33e51
2 changed files with 65 additions and 15 deletions
--- a/docker/docker-entrypoint.sh
+++ b/docker/docker-entrypoint.sh
@@ -61,9 +61,31 @@ if [ ! -f "$DB_PATH" ]; then
    # Check if flock is available
    if command -v flock >/dev/null 2>&1; then
        # Use a lock file to prevent multiple containers from initializing simultaneously
-        (
-            flock -x 200
-            # Double-check inside the lock
+        # Try to create lock file, handle permission errors gracefully
+        LOCK_FILE="$DB_DIR/.db.lock"
+        
+        # Ensure we can create the lock file - fix permissions if running as root
+        if [ "$(id -u)" = "0" ] && [ ! -w "$DB_DIR" ]; then
+            chown nodejs:nodejs "$DB_DIR" 2>/dev/null || true
+            chmod 755 "$DB_DIR" 2>/dev/null || true
+        fi
+        
+        # Try to create lock file with proper error handling
+        if touch "$LOCK_FILE" 2>/dev/null; then
+            (
+                flock -x 200
+                # Double-check inside the lock
+                if [ ! -f "$DB_PATH" ]; then
+                    log_message "Initializing database at $DB_PATH..."
+                    cd /app && NODE_DB_PATH="$DB_PATH" node dist/scripts/rebuild.js || {
+                        log_message "ERROR: Database initialization failed" >&2
+                        exit 1
+                    }
+                fi
+            ) 200>"$LOCK_FILE"
+        else
+            log_message "WARNING: Cannot create lock file at $LOCK_FILE, proceeding without file locking"
+            # Fallback without locking if we can't create the lock file
            if [ ! -f "$DB_PATH" ]; then
                log_message "Initializing database at $DB_PATH..."
                cd /app && NODE_DB_PATH="$DB_PATH" node dist/scripts/rebuild.js || {
@@ -71,7 +93,7 @@ if [ ! -f "$DB_PATH" ]; then
                    exit 1
                }
            fi
-        ) 200>"$DB_DIR/.db.lock"
+        fi
    else
        # Fallback without locking (log warning)
        log_message "WARNING: flock not available, database initialization may have race conditions"