I'm trying to build a local testing suite for a Python 3 application using Docker Compose. The application is meant to be hosted on Google Cloud ordinarily, however for local testing I am using Google Cloud emulators in separate containers (Firestore, PubSub, Storage). The issue I have is that this Docker Compose configuration works perfectly on MacOS running Docker Desktop and I can test the app there, however this same configuration does not on my windows machine running WSL. I am using WSL v2.
I have tried the advice on similar threads on Stack Overflow, to no avail unfortunately.
The problem as I see it is I am setting my local .config folder as a volume for the container, so that the storage emulator can use my Google Cloud credentials, which is stored in there under ~/.config/gcloud/application-default-credentials.json.
Below are the volumes I am mounting in docker-compose.yaml, where appuser is my local container user. The volumes from the ./ paths are working fine, so I'm unsure why the ~/ path is not.
volumes:
- ~/.config:/home/appuser/.config
- ./app:/home/appuser/app
- ./tests:/home/appuser/tests
The error I am getting when trying to do anything with the Google Cloud emulators with this configuration is as follows:
PermissionError: [Errno 13] Permission denied: '/home/appuser/.config/gcloud/application_default_credentials.json'
The Dockerfile for the main app container is as follows:
FROM python:3.8.13-buster as base
ARG HOME=/home/appuser
ENV PIP_NO_CACHE_DIR false
RUN groupadd -g 999 appuser && useradd -r -u 999 -g appuser appuser
RUN apt-get update -y && apt-get install ffmpeg -y && pip install --upgrade pip
WORKDIR ${HOME}
RUN chown -R appuser:appuser ${HOME}
USER appuser
ENV PYTHONDONTWRITEBYTECODE True
COPY requirements.txt ./
RUN pip install -r requirements.txt
I have tried following these instructions as mentioned above, but get no change. I've also tried keeping the code on and off the WSL file directory, which also made no difference. Running Docker Desktop as administrator too had no effect. I'm a bit stumped so any help would be appreciated. I'd like this to ideally work on both Windows as well as Mac.
I found the issue in the end. Upon creation of the application-default-credentials.json file, the permission set was very limited, which did not allow read access by Docker.
Once I edited the file's individual permissions (chmod 644), the application worked.