diff --git a/dev/breeze/src/airflow_breeze/utils/docker_command_utils.py b/dev/breeze/src/airflow_breeze/utils/docker_command_utils.py index 3dd9b4ffb639d..d0394674f6b9c 100644 --- a/dev/breeze/src/airflow_breeze/utils/docker_command_utils.py +++ b/dev/breeze/src/airflow_breeze/utils/docker_command_utils.py @@ -145,6 +145,16 @@ def get_extra_docker_flags(mount_sources: str, include_mypy_volume: bool = False return extra_docker_flags +def is_docker_rootless(): + response = run_command( + ["docker", "info", "-f", "{{println .SecurityOptions}}"], capture_output=True, check=True, text=True + ) + if "rootless" in response.stdout.strip(): + get_console().print("[info]Docker is running in rootless mode.[/]\n") + return True + return False + + def check_docker_resources(airflow_image_name: str) -> RunCommandResult: """ Check if we have enough resources to run docker. This is done via running script embedded in our image. @@ -571,6 +581,7 @@ def update_expected_environment_variables(env: dict[str, str]) -> None: set_value_to_default_if_not_set(env, "COLLECT_ONLY", "false") set_value_to_default_if_not_set(env, "DB_RESET", "false") set_value_to_default_if_not_set(env, "DEFAULT_BRANCH", AIRFLOW_BRANCH) + set_value_to_default_if_not_set(env, "DOCKER_IS_ROOTLESS", "false") set_value_to_default_if_not_set(env, "ENABLED_SYSTEMS", "") set_value_to_default_if_not_set(env, "ENABLE_TEST_COVERAGE", "false") set_value_to_default_if_not_set(env, "HELM_TEST_PACKAGE", "") @@ -706,6 +717,8 @@ def prepare_broker_url(params, env_variables): def perform_environment_checks(): check_docker_is_running() check_docker_version() + if is_docker_rootless(): + os.environ["DOCKER_IS_ROOTLESS"] = "true" check_docker_compose_version() diff --git a/scripts/ci/docker-compose/_docker.env b/scripts/ci/docker-compose/_docker.env index aa21804e9b6f8..f0efac7768fc4 100644 --- a/scripts/ci/docker-compose/_docker.env +++ b/scripts/ci/docker-compose/_docker.env @@ -37,6 +37,7 @@ DB_RESET DEFAULT_BRANCH DEFAULT_CONSTRAINTS_BRANCH DEV_MODE +DOCKER_IS_ROOTLESS ENABLED_SYSTEMS ENABLE_TEST_COVERAGE GITHUB_ACTIONS diff --git a/scripts/ci/docker-compose/base.yml b/scripts/ci/docker-compose/base.yml index 1ce740d80138a..d3a18f9027139 100644 --- a/scripts/ci/docker-compose/base.yml +++ b/scripts/ci/docker-compose/base.yml @@ -47,6 +47,7 @@ services: - DEFAULT_BRANCH=${DEFAULT_BRANCH} - DEFAULT_CONSTRAINTS_BRANCH=${DEFAULT_CONSTRAINTS_BRANCH} - DEV_MODE=${DEV_MODE} + - DOCKER_IS_ROOTLESS=${DOCKER_IS_ROOTLESS} - ENABLED_SYSTEMS=${ENABLED_SYSTEMS} - ENABLE_TEST_COVERAGE=${ENABLE_TEST_COVERAGE} - GITHUB_ACTIONS=${GITHUB_ACTIONS} diff --git a/scripts/ci/docker-compose/devcontainer.env b/scripts/ci/docker-compose/devcontainer.env index f71a0e1e390b8..a297d7579cb1b 100644 --- a/scripts/ci/docker-compose/devcontainer.env +++ b/scripts/ci/docker-compose/devcontainer.env @@ -35,6 +35,7 @@ DB_RESET="false" DEFAULT_BRANCH="main" DEFAULT_CONSTRAINTS_BRANCH="constraints-main" DEV_MODE="true" +DOCKER_IS_ROOTLESS="false" ENABLED_SYSTEMS= ENABLE_TEST_COVERAGE="false" GITHUB_ACTIONS="false" diff --git a/scripts/in_container/_in_container_utils.sh b/scripts/in_container/_in_container_utils.sh index 2ed267dd543c3..c962856827abe 100644 --- a/scripts/in_container/_in_container_utils.sh +++ b/scripts/in_container/_in_container_utils.sh @@ -66,6 +66,10 @@ function in_container_script_start() { # function in_container_fix_ownership() { if [[ ${HOST_OS:=} == "linux" ]]; then + if [[ ${DOCKER_IS_ROOTLESS=} == "true" ]]; then + echo "${COLOR_YELLOW}Skip fixing ownership of generated files: Docker is rootless${COLOR_RESET}" + return + fi DIRECTORIES_TO_FIX=( "/dist" "/files"