15

After trying to test Dockerfiles with Dockerspec, I finally had an issue I can't resolve properly.

The problem is, I think, from Docker itself ; If I understand its process, an Entrypoint is only executed at run, but if the container stay started and I launch an "exec" command in, it's not re-called.

I think it's the wanted behavior.

But if the Entrypoint is a "gosu" script which precede all my commands, it's a problem...

Example

"myImage" has this Entrypoint : gosu 1000:1000 "$@"

If I launch : docker run -it myImage id -u

The output is "1000".

If I start a container : docker run -it myImage bash

In this container, id -u outputs "1000".

But if I start a new command in this container, it starts a new shell, and does not execute the Entrypoint, so : docker exec CONTAINER_ID id -u

Output "0", because the new shell is started as "root".

It there a way to execute each time the entrypoint ? Or re-use the shell open ?

Or a better way to do that ?

Or, maybe I haven't understand anything ? ;)

Thanks !

EDIT

After reading solutions proposed here, I understand that the problem is not how Docker works but how Serverspec works with ; my goal is to directly test a command as a docker run argument, but Serverspec start a container and test commands with docker exec.

So, the best solution is to found how get the stdout of the docker run executed by Serverspec.

But, in my personal use-case, the best solution is maybe to not use Gosu but --user flag :)

Doubidou
  • 1,573
  • 3
  • 18
  • 35
  • Just `exec` with `gosu` again? – johnharris85 May 01 '17 at 17:50
  • 1
    Why not `run` it each time?. Don't exec each time, just run again. The only thing is that you will create a new container each time, but I think that this is ok for testing purposes. (It is very effient anyway) – Robert May 02 '17 at 00:58
  • I think you're right, but this is not how Serverspec works with Docker backend ; it run a container, and after that it "exec" some commands to test in this container. But I think the solution is yours, and the problem is not Docker but how serverspec interract with :/ I'll edit my question – Doubidou May 02 '17 at 04:28

1 Answers1

6

if your goal is to run the docker exec with a specific user inside of the container, you can use the --user option.

docker exec --user myuser container-name [... your command here]

If you want to run gosu every time, you can specify that as the command with docker exec

docke exec container-name gosu 1000:1000 [your actual command here]

in my experience, the best way to encapsulate this into something easily re-usable is with a .sh script (or .cmd file in windows).

drop this into a file in your local folder... maybe gs for example.

#! /bin/sh
docker exec container-name gosu 1000:1000 "$@"

give it execute permissions with chmod +x gs and then run it with ./gs from the local folder

Derick Bailey
  • 72,004
  • 22
  • 206
  • 219
  • Thanks, but my goal is to test my Dockerfile with Serverspec ; it builds the Dockerfile, run it and test some command ; I want to test the Entrypoint, so "id -u" must return "1000" in my example, but internally Serverspec run the container and use "exec" instead of run the command in the shell (or at run)... Just use "gosu" as a command is "cheated" and does not really test the Entrypoint :/ – Doubidou May 01 '17 at 20:48
  • 3
    what you're asking for isn't possible, then. the ENTRYPOINT, by definition, only runs when the container starts – Derick Bailey May 02 '17 at 00:55