Description
Hi Ilya,
In the interest of contributing our changes back to upstream, I wanted to tell you about a problem we encountered and how we solved it. It happens outside of the normal exekube flow, so I'm creating an Issue rather than a PR.
I described the problem here, including links to upstream docker/docker-compose Issues:
gpii-ops/gpii-infra#80 (comment)
(Note that this does not affect Docker for Mac, which is probably why none of us noticed it until we tried to run exekube on our (Linux) CI machine. ;))
We ended up abandoning the "run as a non-root user inside the container" strategy described there. Instead, we moved from bind mounts to Docker Volumes (in particular, see docker-compose.yaml):
gpii-ops/gpii-infra#92
This might not be a good fit for exekube / exekube demo projects since it requires some extra stuff outside of exekube to manage Docker Volumes, but I wanted to let you know about it. Feel free to close this Issue without further action.