Commit 8c8e206d authored by Elijah Grubb's avatar Elijah Grubb

Adding support for dockerfiles that use alt users

parent d6082d11
......@@ -4614,6 +4614,9 @@ sub emulabizeImage($;$$$$$$$$)
my $dockerentrypoint;
my $dockercmd;
my $dockeruser;
$dockeruser = $iattrs{DOCKER_USER};
print $runitfile "if [ ! -f /etc/emulab/docker/dockercmd ]; then\n";
......@@ -4623,6 +4626,15 @@ sub emulabizeImage($;$$$$$$$$)
if ($dockerentrypoint->[0] ne "/bin/sh") {
print $runitfile "exec ";
}
# if the user for the container is specified otherwise
# need to run it as that user
if ($dockeruser ne "") {
print $runitfile "sudo -u ";
print $runitfile $dockeruser;
print $runitfile " bash -c '";
}
# print whole thing to file
# need to be careful about variables to be expanded
foreach my $elem (@$dockerentrypoint) {
......@@ -4631,6 +4643,10 @@ sub emulabizeImage($;$$$$$$$$)
print $runitfile "\"";
print $runitfile " ";
}
if ($dockeruser ne "") {
print $runitfile "'";
}
}
if (exists($iattrs{DOCKER_CMD})) {
......@@ -4639,12 +4655,24 @@ sub emulabizeImage($;$$$$$$$$)
print $runitfile "exec ";
}
# if the user for the container is specified otherwise
# need to run it as that user
if ($dockeruser ne "") {
print $runitfile "sudo -u ";
print $runitfile $dockeruser;
print $runitfile " bash -c '";
}
foreach my $elem (@$dockercmd) {
print $runitfile "\"";
print $runitfile $elem;
print $runitfile "\"";
print $runitfile " ";
}
if ($dockeruser ne "") {
print $runitfile "'";
}
}
print $runitfile "\n";
......@@ -4675,7 +4703,7 @@ sub emulabizeImage($;$$$$$$$$)
# all the artifact build scripts.
#
foreach my $ascript (@artifactscripts) {
my %args = ( 'Tty' => JSON::PP::true);
my %args = ( 'Tty' => JSON::PP::true, 'User' => 'root');
$args{'HostConfig'}{'Binds'} = [
"$hdir/etc/emulab/CONTEXT:/etc/emulab/CONTEXT:ro",
"$adir:/artifacts:rw",
......@@ -4766,6 +4794,15 @@ sub emulabizeImage($;$$$$$$$$)
#
print DFD "FROM $image\n\n";
#
# When user is unspecified Docker defaults to root,
# however if a user specifies another user we must
# set it back to root in order to do our transformations.
# However we also must set user back to the Dockerfile's spec
# for entrypoint/cmd ops
#
print DFD "USER root\n\n";
#
# Then, if this is emulabization core or full, add an
# ONBUILD instruction that runs our prepare script. And we
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment