Set file permissions of code directory when layer present (#27)

joe4dev · web-flow · commit d176f7dd4f87 · 2023-10-24T18:51:19.000+02:00
diff --git a/cmd/localstack/file_utils.go b/cmd/localstack/file_utils.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"io"
 	"os"
 	"path/filepath"
 )
@@ -20,3 +21,19 @@ func ChmodRecursively(root string, mode os.FileMode) error {
 			return nil
 		})
 }
+
+// Check if a directory is empty
+// Source: https://stackoverflow.com/questions/30697324/how-to-check-if-directory-on-path-is-empty/30708914#30708914
+func IsDirEmpty(name string) (bool, error) {
+	f, err := os.Open(name)
+	if err != nil {
+		return false, err
+	}
+	defer f.Close()
+
+	_, err = f.Readdirnames(1) // faster than f.Readdir(1)
+	if err == io.EOF {
+		return true, nil
+	}
+	return false, err // Either not empty or error, suits both cases
+}
diff --git a/cmd/localstack/main.go b/cmd/localstack/main.go
@@ -132,13 +132,22 @@ func main() {
 		log.Fatal("Failed to download code archives: " + err.Error())
 	}
 
-	// fix permissions of the layers directory for better AWS parity
+	// set file permissions of the tmp directory for better AWS parity
+	if err := ChmodRecursively("/tmp", 0700); err != nil {
+		log.Warnln("Could not change file mode recursively of directory /tmp:", err)
+	}
+	// set file permissions of the layers directory for better AWS parity
 	if err := ChmodRecursively("/opt", 0755); err != nil {
 		log.Warnln("Could not change file mode recursively of directory /opt:", err)
 	}
-	// fix permissions of the tmp directory for better AWS parity
-	if err := ChmodRecursively("/tmp", 0700); err != nil {
-		log.Warnln("Could not change file mode recursively of directory /tmp:", err)
+	// set file permissions of the code directory if at least one layer is present for better AWS parity
+	// Limitation: hot reloading likely breaks file permission parity for /var/task in combination with layers
+	// Heuristic for detecting the presence of layers. It might fail for an empty layer or image-based Lambda.
+	if isDirEmpty, _ := IsDirEmpty("/opt"); !isDirEmpty {
+		log.Debugln("Detected layer present")
+		if err := ChmodRecursively("/var/task", 0755); err != nil {
+			log.Warnln("Could not change file mode recursively of directory /var/task:", err)
+		}
 	}
 
 	// parse CLI args
