compose: fix permissions on build dir and venv

Fix issue with mixed root/user permissions.

Summary of new/working state:
- source directory is copied in the Dockerfile with root permissions
to allow synchronisation using watch feature of docker compose.
- each robot service has its own build dir (/src/build/${ROBOT_ID}) to
prevent override to parallel startup.
- "uv sync" command is executed with root permission because it creates
bindings (__init__.pyi) in the source directory.
- "uv run" commands are executed with user permissions because tools are
using shared memory files in "/dev/shm" mounted from the host.
- to avoid permission denied errors due to recompilation, "uv run" is
launched with "--no-sync" option.
- "/src/.venv" bound to venv_cache volume so monitor service can reuse
the venv created by robot service.

Signed-off-by: Eric Courtois <eric.courtois@gmail.com>

Author: ecourtois

Dockerfile

@@ -64,7 +64,6 @@ RUN group_exists=$(getent group ${GID} || true) && echo $group_exists \
 
 ADD .python-version uv.lock pyproject.toml CMakeLists.txt LICENSE /src/
 ADD cogip /src/cogip
-RUN uv sync
 
 CMD ["sleep", "infinity"]
 

docker-compose.yml

@@ -13,6 +13,7 @@ x-volumes-common: &volumes-common
     - *vol-dev
     - *vol-vscode
     - "build_cache:/src/build"
+    - "venv_cache:/src/.venv"
     - "./assets:/src/assets"
     - "/tmp/.X11-unix/:/tmp/.X11-unix/"
     - "$XDG_RUNTIME_DIR:$XDG_RUNTIME_DIR"
@@ -143,14 +144,13 @@ x-robot: &robot
     - -x
     - -c
     - |
-      USERNAME=`getent passwd $${UID} | cut -d: -f1` || exit 1
-      uv sync --reinstall-package cogip-tools -C build-dir=/src/build/$${ROBOT_ID}
-      su $${USERNAME} -c "uv run cogip-server" &
+      uv sync -C build-dir=/src/build/$${ROBOT_ID} --link-mode=copy --reinstall-package cogip-tools
+      gosu $${UID}:$${GID} uv run --no-sync cogip-server &
       wait-for-it -t 0 localhost:809$${ROBOT_ID}
-      su $${USERNAME} -c "uv run cogip-planner" &
-      su $${USERNAME} -c "uv run cogip-copilot -b 500000 -B 1000000" &
-      su $${USERNAME} -c "uv run cogip-detector" &
-      su $${USERNAME} -c "uv run cogip-dashboard" &
+      gosu $${UID}:$${GID} uv run --no-sync cogip-planner &
+      gosu $${UID}:$${GID} uv run --no-sync cogip-copilot -b 500000 -B 1000000 &
+      gosu $${UID}:$${GID} uv run --no-sync cogip-detector &
+      gosu $${UID}:$${GID} uv run --no-sync cogip-dashboard &
       sleep infinity
   stop_signal: SIGKILL
 
@@ -169,8 +169,8 @@ x-monitor: &monitor
     - -x
     - -c
     - |
-      wait-for-it -t 0 $${COGIP_SOCKETIO_SERVER_HOST}:$${COGIP_SOCKETIO_SERVER_PORT}
-      gosu $${UID}:$${GID} uv run cogip-monitor http://$${COGIP_SOCKETIO_SERVER_HOST}:$${COGIP_SOCKETIO_SERVER_PORT} &
+      wait-for-it -t 0 localhost:809$${ROBOT_ID}
+      gosu $${UID}:$${GID} uv run --no-sync cogip-monitor http://localhost:809$${ROBOT_ID} &
       sleep infinity
   working_dir: /src
   stop_signal: SIGKILL
@@ -350,9 +350,7 @@ services:
     hostname: monitor1
     environment:
       << : *env-monitor
-      COGIP_SOCKETIO_SERVER_HOST: robot1
-      COGIP_SOCKETIO_SERVER_PORT: 8091
-      COGIP_SOCKETIO_SERVER_URL: http://robot1:8091
+      ROBOT_ID: 1
     depends_on:
       - robot1
     profiles:
@@ -363,9 +361,7 @@ services:
     hostname: monitor2
     environment:
       << : *env-monitor
-      COGIP_SOCKETIO_SERVER_HOST: robot2
-      COGIP_SOCKETIO_SERVER_PORT: 8092
-      COGIP_SOCKETIO_SERVER_URL: http://robot2:8092
+      ROBOT_ID: 2
     depends_on:
       - robot2
     profiles:
@@ -376,9 +372,7 @@ services:
     hostname: monitor2
     environment:
       << : *env-monitor
-      COGIP_SOCKETIO_SERVER_HOST: robot3
-      COGIP_SOCKETIO_SERVER_PORT: 8093
-      COGIP_SOCKETIO_SERVER_URL: http://robot3:8093
+      ROBOT_ID: 3
     depends_on:
       - robot3
     profiles:
@@ -389,9 +383,7 @@ services:
     hostname: monitor4
     environment:
       << : *env-monitor
-      COGIP_SOCKETIO_SERVER_HOST: robot4
-      COGIP_SOCKETIO_SERVER_PORT: 8094
-      COGIP_SOCKETIO_SERVER_URL: http://robot4:8094
+      ROBOT_ID: 4
     depends_on:
       - robot4
     profiles:
@@ -402,9 +394,7 @@ services:
     hostname: monitor5
     environment:
       << : *env-monitor
-      COGIP_SOCKETIO_SERVER_HOST: robot5
-      COGIP_SOCKETIO_SERVER_PORT: 8095
-      COGIP_SOCKETIO_SERVER_URL: http://robot5:8095
+      ROBOT_ID: 5
     depends_on:
       - robot5
     profiles:
@@ -433,11 +423,12 @@ services:
       - "./dist:/src/dist"
       - "./LICENSE:/src/LICENSE"
       - "./.gitignore:/src/.gitignore"
-      - "build_cache:/src/build/wheel"
+      - "build_cache:/src/build"
     profiles:
       - build_wheel
 
 volumes:
   vscode:
   run:
   build_cache:
+  venv_cache: