From a739a3fc5cc08a9f839bcaa45bb0b777df728727 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Thu, 5 Feb 2026 15:20:33 +0100
Subject: [PATCH] fix(playwright): run codegen and replay containers as host
 user

Run Playwright Docker containers with the current host UID/GID to avoid
root-owned files in bind-mounted workspaces.

- Add --user UID:GID and HOME override to codegen and replay
- Harden replay workspace cleanup against leftover permission issues

https://chatgpt.com/share/6984a73c-14a0-800f-a40d-778972e518b7
---
 scripts/codegen.sh |  6 ++++++
 scripts/replay.sh  | 13 ++++++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/scripts/codegen.sh b/scripts/codegen.sh
index fda423c..0a1b236 100755
--- a/scripts/codegen.sh
+++ b/scripts/codegen.sh
@@ -37,6 +37,10 @@ require_cmd xhost
 
 : "${DISPLAY:=:0}"
 
+# Run containers as the current host user to avoid root-owned files in bind mounts.
+USER_ID="$(id -u)"
+GROUP_ID="$(id -g)"
+
 ROOT="$(repo_root)"
 REC_DIR="${ROOT}/${RECORDINGS_DIR}"
 WORK_DIR="${REC_DIR}/.work"
@@ -107,6 +111,8 @@ if [[ -n "${START_URL}" ]]; then
 fi
 
 docker run --rm -it \
+  --user "${USER_ID}:${GROUP_ID}" \
+  -e HOME=/tmp \
   --ipc=host \
   --network host \
   -e "DISPLAY=${DISPLAY}" \
diff --git a/scripts/replay.sh b/scripts/replay.sh
index 791f3e2..2b27883 100644
--- a/scripts/replay.sh
+++ b/scripts/replay.sh
@@ -38,6 +38,10 @@ repo_root() {
 
 require_cmd docker
 
+# Run containers as the current host user to avoid root-owned files in bind mounts.
+USER_ID="$(id -u)"
+GROUP_ID="$(id -g)"
+
 ROOT="$(repo_root)"
 REC_DIR="${ROOT}/${RECORDINGS_DIR}"
 
@@ -46,7 +50,12 @@ REC_DIR="${ROOT}/${RECORDINGS_DIR}"
 # Build ephemeral workspace
 WORK_DIR="${REC_DIR}/.replay-work"
 
-rm -rf "${WORK_DIR}"
+# Robust cleanup: handle possible permission issues from previous runs.
+if [[ -e "${WORK_DIR}" ]]; then
+  chmod -R u+rwX "${WORK_DIR}" 2>/dev/null || true
+  rm -rf "${WORK_DIR}" 2>/dev/null || true
+fi
+
 mkdir -p "${WORK_DIR}/tests"
 
 cleanup() {
@@ -97,6 +106,8 @@ echo "Tests        : ${TEST_FILE:-all recordings}"
 echo
 
 docker run --rm \
+  --user "${USER_ID}:${GROUP_ID}" \
+  -e HOME=/tmp \
   -v "${WORK_DIR}:/work" \
   -w /work \
   "${PLAYWRIGHT_IMAGE}" \