我想创建一个充当可执行文件的Docker映像,用户为其传递令牌作为环境变量。可执行文件具有用户应通过dockers CMD传递的子命令(认为git通过Env进行身份验证)。 但是,Docker不会将CMD附加到入口点。 Dockerfile的相关部分如下所示:
I want to create a Docker Image that acts as an executable for which the user passes a token as an environment variable. The executable has sub commands that the user should pass via dockers CMD (think of git with authentication via Env). However, Docker does not append the CMD to the entrypoint. The relevant part of my Dockerfile looks like this:
ENTRYPOINT ["/bin/sh", "-c", "/usr/bin/mycmd --token=$MY_TOKEN"] CMD ["pull", "stuff"]因此,如果执行此容器时没有任何CMD覆盖并且将秘密作为MY_TOKEN变量,则我期望
So if this container is executed without any CMD overrides and secret as the MY_TOKEN variable, I would expect
mycmd --token=secret pull stuff要执行。如果用户使用覆盖启动容器,例如
to be executed. If the user starts the container with an override, e.g.
docker run -it -e MY_TOKEN=secret myimage push junk我希望
mycmd --token=secret push junk被执行。如上所述,但是,只有 mycmd --token = secret 被执行,CMD被忽略-无论我在启动期间覆盖它还是在Dockerfile中设置它。 / p>
to be executed. As mentioned above, however, only mycmd --token=secret gets executed, the CMD is ignored - no matter if I override it during start or set it in the Dockerfile.
推荐答案使用 / bin / sh -c脚本 语法 -c 参数成为脚本的参数之后。您可以通过 $ 0 和 $ @ 作为/ bin / sh脚本的一部分来访问它们:
With /bin/sh -c "script" syntax, anything after the -c argument becomes an argument to your script. You can reach them with $0 and $@ as part of your /bin/sh script:
ENTRYPOINT ["/bin/sh", "-c", "exec /usr/bin/mycmd --token=$MY_TOKEN $0 $@"] CMD ["pull", "stuff"]请注意,您也可以将您的入口点更改为添加到运行 exec / usr / bin / mycmd --token = $ MY_TOKEN $ @ 的映像的shell脚本,并使用docker的exec语法:
Note that you could also change your entrypoint to be a shell script added to your image that runs exec /usr/bin/mycmd --token=$MY_TOKEN "$@" and execute that shell script with docker's exec syntax:
ENTRYPOINT ["/entrypoint.sh"]更多推荐
具有入口点变量扩展和CMD参数的Docker容器
发布评论