Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consistently set archived file permissions #41

Closed
wants to merge 3 commits into from
Closed

Consistently set archived file permissions #41

wants to merge 3 commits into from

Conversation

bboe
Copy link

@bboe bboe commented Mar 1, 2019

This pull request consistently sets archived file permissions to either 0444 or 0555 depending on whether or not the file is executable. It's likely directories may also need to be consistently set to 0555 or 0777 depending on if they need to be writable or not (or perhaps they can simply be excluded from the archive). I can make that change if desired, or we can leave it for a separate PR.

This fix should help to address #34.

@ghost ghost added the size/M label Mar 1, 2019
@ghost
Copy link

ghost commented Oct 25, 2019

+1

@bboe
Copy link
Author

bboe commented Jan 10, 2020

@findkim is there anything we might need to do to get this, or something similar in?

@borgstrom
Copy link

cc @appilon -- Can we get someone to review this please?

The issue described in #34 causes so much noise and drift since we have different team members working on macOS and Linux and this PR appears to fix things.

@appilon
Copy link
Contributor

appilon commented May 12, 2020

Hello all, just commented on the longstanding issue #34. Thank you for for engaging in that conversation @bboe and for attempting to develop a fix here. I think you have found a common cause for the output hashing problem users run into across OSes and when using the AWS Lambda service in particular, but my main concern is just applying an arbitrary permission to the outputted archive's files.

I think an alternative that is more explicit and we would accept on the provider is having the data source have the ability to explicitly override source file permissions. This way developers are aware they are applying a permission change to the files that live in the outputted folder.

I will give you the opportunity to potentially adapt this PR to have that if you are interested, however it's something I can try and take over and get released, our apologies for not getting back to you sooner. We appreciate your participation in the Terraform Ecosystem.

UPDATE: It appears #53 is proposing this feature, I will be linking that issue across here and #34 as the approach we can take.

@bboe
Copy link
Author

bboe commented May 12, 2020

Thanks @appilon for the update. I agree that a more generalizable approach is appropriate. I ended up writing a little tool to help solve this problem which we've implemented into our workflow:

https://github.com/bboe/deterministic_zip

I would love to see first class support in terraform, however, I unfortunately won't have the cycles to dedicate to it. Thank you for the response, and the commitment to finding a suitable solution to the problem.

Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 27, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants