`Permission denied` issues with mysql data and mounted (docker) volume

### Describe the bug
I recently tried re-creating my WCPay docker environment from scratch, and I hit an issue. The MySQL / `db` container had permissions issues with the data volume.

In our current docker environment, the [data volume is a mounted folder (from the host OS)](https://github.com/Automattic/woocommerce-payments/blob/develop/docker-compose.yml#L36). I think this causes the permission issue I'm seeing (maybe intermittent?). 

There's a workaround – map [user](https://docs.docker.com/engine/reference/run/#user) in [compose file](https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir), so the container user has enough access. 

I'd recommend switching to a [named volume](https://docs.docker.com/storage/volumes/), which avoids the permissions issue altogether. This may also have other benefits since it's completely isolated inside the container. Note named volumes still persist across container recreate, so we still have a persistent database (and can reset it at will by deleting the volume - [`docker compose down --volumes`](https://docs.docker.com/compose/reference/down/)).

I notice that we [use a mounted volume for WordPress as well](https://github.com/Automattic/woocommerce-payments/blob/develop/docker-compose.yml#L22). I personally don't need this, perhaps if we move to a named volume it will simplify things and maybe even help with performance. 

My understanding is that mounted volumes are best for sharing source code and config files into a container; not sure about using them to share large amounts of data "out".

Note if we do switch to named volumes, developers can easily [override this if they have different needs, using `docker-compose.override.yml`](https://github.com/Automattic/woocommerce-payments/pull/2801). For example, if a developer needs to hack on WordPress core at the same time, they could clone locally and map into the container. 

### To Reproduce
- Clone repo. 
- Put stuff in `./docker/data` or remove write permissions (to force the issue!).
- `npm install`
- `npm run up:recreate`

### Actual behavior
Lots of errors in database container like the following, and then it bails. No database container, unhappy WordPress.

```
woocommerce_payments_mysql | chown: changing ownership of '/var/lib/mysql/': Permission denied
woocommerce_payments_mysql | chown: changing ownership of '/var/lib/mysql/ibdata1': Permission denied
woocommerce_payments_mysql | chown: changing ownership of '/var/lib/mysql/wcpay_tests': Permission denied
woocommerce_payments_mysql | chown: changing ownership of '/var/lib/mysql/wcpay_tests/wptests_wc_product_meta_lookup.frm': Permission denied
```

### Expected behavior
- Quick and robust launch or recreate of dev env under a wide range of circumstances. (I believe using named volumes will make the env more reliable.)

### Desktop (please complete the following information):

- macOS Monterey, Intel



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

`Permission denied` issues with mysql data and mounted (docker) volume #3946

haszari
openedon Mar 10, 2022

Describe the bug

To Reproduce

Actual behavior

Expected behavior

Desktop (please complete the following information):

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Permission denied issues with mysql data and mounted (docker) volume #3946

Description

haszariopenedon Mar 10, 2022