From 116e2c15778fa2f33145af2e8319b7b7408c051a Mon Sep 17 00:00:00 2001
From: Sonny Bakker <sonny871@hotmail.com>
Date: Mon, 5 May 2025 16:22:07 +0200
Subject: [PATCH] Fix cache permissions

see https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/reference.md#run---mounttypecache
---
 Dockerfile | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a92172f..116d20a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,8 +1,9 @@
 # stage 1
 FROM python:3.11-alpine AS backend
 
-ARG USER_UID=1000
-ARG GROUP_UID=1000
+ARG USER_ID=1000
+ARG GROUP_ID=1000
+ARG UV_LINK_MODE=copy
 
 RUN apk update \
     && apk add --no-cache \
@@ -10,7 +11,7 @@ RUN apk update \
         curl \
         gettext
 
-RUN addgroup -g $USER_UID newsreader && adduser -Du $GROUP_UID -G newsreader newsreader
+RUN addgroup -g $USER_ID newsreader && adduser -Du $GROUP_ID -G newsreader newsreader
 
 RUN mkdir --parents /app/src /app/logs /app/media /app/bin /app/static \
     && chown -R newsreader:newsreader /app
@@ -23,7 +24,7 @@ COPY --chown=newsreader:newsreader uv.lock pyproject.toml /app/
 
 COPY --from=ghcr.io/astral-sh/uv:python3.11-alpine /usr/local/bin/uv /bin/uv
 
-RUN --mount=type=cache,target=$HOME/.cache/uv \
+RUN --mount=type=cache,uid=$USER_ID,gid=$GROUP_ID,target=/home/newsreader/.cache/uv \
     uv sync --frozen --no-default-groups --no-install-project
 
 COPY --chown=newsreader:newsreader ./bin/docker-entrypoint.sh /app/bin/docker-entrypoint.sh
@@ -45,7 +46,7 @@ USER node
 
 COPY --chown=node:node ./package*.json ./webpack.*.js ./babel.config.js /app/
 
-RUN --mount=type=cache,target=$HOME/.npm \
+RUN --mount=type=cache,uid=1000,gid=1000,target=/home/node/.npm \
     npm ci
 
 COPY --chown=node:node ./src /app/src
@@ -60,7 +61,7 @@ FROM backend AS production
 COPY --from=frontend-build --chown=newsreader:newsreader \
     /app/src/newsreader/static /app/src/newsreader/static
 
-RUN --mount=type=cache,target=$HOME/.cache/uv \
+RUN --mount=type=cache,uid=$USER_ID,gid=$GROUP_ID,target=/home/newsreader/.cache/uv \
     uv sync --frozen --only-group production --extra sentry
 
 COPY --chown=newsreader:newsreader ./src /app/src
@@ -75,5 +76,5 @@ RUN uv run --no-sync -- src/manage.py collectstatic --noinput
 # (optional) stage 4
 FROM backend AS development
 
-RUN --mount=type=cache,target=$HOME/.cache/uv \
+RUN --mount=type=cache,uid=$USER_ID,gid=$GROUP_ID,target=/home/newsreader/.cache/uv \
     uv sync --frozen --group development