fix(gom-41): pre-create data/ dir for nonroot user in Docker image

[SantiagoDePolonia]

The distroless nonroot runtime image (UID 65532) cannot create directories under /app at runtime. Pre-create data/ with correct ownership, matching the existing pattern used for .cache/.

Summary by CodeRabbit

• Chores
  • Container build updated to create and expose a separate writable data directory alongside cache storage at runtime. Placeholder files and ownership are set so the application can manage and persist runtime data with appropriate permissions for non-root execution.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

---

📝 Walkthrough

Walkthrough

The Dockerfile now creates both /app/.cache and /app/data with placeholder .keep files during build, and copies both directories into the final runtime image preserving ownership for the nonroot user (uid 65532, gid 65532).

Changes

Cohort / File(s)	Summary
Docker Build Configuration Dockerfile	Creates /app/.cache and /app/data and their .keep placeholders during build; copies both directories into the runtime image with ownership set to 65532:65532; updated comments to reflect added /app/data runtime writable directory.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

A rabbit nibble, soft and spry, 🐰
Two folders planted, neat and dry,
A .keep to show the way,
Permissions set — hooray, hooray!
Happy hops for storage day! 📁✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly describes the primary change: pre-creating the data/ directory for the nonroot user in the Docker image to fix the issue described in GOM-41.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/gom-41-docker-cannot-create-a-cache

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@Dockerfile`:
- Line 21: Update the stale Dockerfile comments so they accurately reference
both directories (.cache and data) instead of only .cache: change the comment
that currently reads "Create cache directory for runtime (with placeholder for
COPY)" to mention both ".cache and data" as runtime cache/data directories, and
change "Create writable cache directory for SQLite storage (nonroot user
UID=65532)" to mention that it creates a writable directory for both ".cache and
data" for SQLite/nonroot UID=65532; locate the two comment strings in the
Dockerfile and adjust their text accordingly.