作为 root,我们正在使用 ansible 启动 docker 容器:
FROM python:3.7-alpine3.9
ENV HOME /home/someteam
RUN apk add --no-cache --virtual .build-deps python3-dev gcc linux-headers musl-dev
RUN addgroup someteam --gid=5566; \
adduser -G someteam -Du 5566 -d /home/someteam -m -s /bin/bash someteam; \
chown -R someteam $HOME
USER someteam
ADD script.sh /home/someteam/script.sh
ENTRYPOINT ["/home/envteam/script.sh"]
下面是本地测试的错误:
adduser: unrecognized option: d
BusyBox v1.29.3 (2019-01-24 07:45:07 UTC) multi-call binary.
Usage: adduser [OPTIONS] USER [GROUP]
Create new user, or add USER to GROUP
-h DIR Home directory
-g GECOS GECOS field
-s SHELL Login shell
-G GRP Group
-S Create a system user
-D Don't assign a password
-H Don't create home directory
-u UID User id
-k SKEL Skeleton directory (/etc/skel)
chown: unknown user someteam
在运行第二个RUN指令之前,whoami是root
问题是,当使用 ansible 启动 docker 容器时,运行的 shell 命令script.sh不使用相对路径
- name: Run docker container from ansible
command: docker container run --rm -e SOMETHING={{somthing}} 111112223333.dkr.ecr.us-east-1.amazonaws.com/someteamteam/deploy:v1
1)
期待ADD指令运行/home/someteam,是否USER someteam将 shell 切换到/home/someteam?或者我们还需要吗WORKDIR $HOME?任何与adduser...一起使用的冗余选项
2)
我们需要chown指挥吗?