Can ADD command be customised to work with command line argument.
Basically i have different versions of a file let's say file1 and file2, and based on some condition passed through command line.
The following command works correctly and transfers the file from host to docker, but i didn't find any references to do it conditionally.
ADD target/file.yml file.yml
No, ADD does not support the conditional way of copying files.
But there is a way to deal with such configuration while coping from Host.
Copy all configuration to some temp location in your case copy all file1 file2 to some /temp location, then base on ARG pass to docker build, move the file to target.
Or do the above using docker entrypoint based on ENV, instead of base on ARG
FROM alpine
ADD target/ /temp_target
RUN mkdir /target
#filename to be copied to the target
ARG file_name
# pass update_file true or false if true file wil be update to new that is passed to build-args
ARG update_file
ENV file_name=$file_name
ARG update_file=$update_file
#check if update_file is set and its value is true then copy the file from temp to target, else copy file1 to target
RUN if [ ! -z "$update_file" ] && [ "${update_file}" == true ];then \
echo "$update_file"; \
echo "echo file in temp_target"; \
ls /temp_target ;\
echo "updating file target" ;\
cp /temp_target/"${file_name}" /target/ ; \
echo "list of updated files in target"; \
ls /target ; \
else \
echo "copy with default file that is ${file_name}" ;\
cp /temp_target/file1 /target ;\
fi
Build:
This will not updated file, will copy with default filename that is file1
docker build --no-cache --build-arg file_name=file1 --build-arg update_file=false -t abc .
This will update file in the target, so the new file will be in the target is file2.
docker build --no-cache --build-arg file_name=file2 --build-arg update_file=true -t abc .
Related
I am working on a Dockerfile, inside of which I want to dynamically create a sed expression based on the input argument variable, and write this expression to a file.
Here's part of the Dockerfile:
FROM ubuntu
ARG VERSION
RUN echo $VERSION > /usr/local/testfile
RUN echo '#!/bin/sh \n\
sed -i "s/\"version\"/\${VERSION}/g" file' > /usr/local/foo.sh
the image builds fine.
When I start a container from that image, and inspect the files:
# cat /usr/local/testfile
0.0.1
# cat /usr/local/foo.sh
#!/bin/sh
sed -i "s/\"version\"/\${VERSION}/g" file
I notice that the $VERSION was not replaced correctly in the sed command. What am I missing here? I've tried a few different things (e.g. "$VERSION") but none of them worked.
I ended up breaking down the command. I created a variable for the sed command by using string concatenation and then I echoed that to the file separately:
FROM ubuntu
ARG VERSION
ENV command="sed -i s/\"version\"/""$VERSION""/g"
RUN echo '#!/bin/sh' > /usr/local/foo.sh
RUN echo $command >> usr/local/foo.sh
# cat /usr/local/foo.sh
#!/bin/sh
sed -i s/"version"/0.0.1/g
I am using security scan software in my Dockerfile and I need to add its bin folder to the path. Its path will contain the version part so I do not know the path until I download the software. My current progress is something like this:
1.Download the software:
RUN curl https://cloud.appscan.com/api/SCX/StaticAnalyzer/SAClientUtil?os=linux --output SAClientUtil.zip
RUN unzip SAClientUtil.zip -d SAClientUtil
2.The desired folder is located: SAClientUtil/SAClientUtil.X.Y.Z/bin/ (xyz mary vary from run to run). Get there using find and cd combination and try to add it to the PATH:
RUN cd "$(dirname "$(find SAClientUtil -type f -name appscan.sh | head -1)")"; \
export PATH="$PATH:$PWD"; # doesn't work
Looks like ENV command is not evaluating the parameter, so
ENV PATH $PATH:"echo $(dirname "$(find SAClientUtil -type f -name appscan.sh | head -1)")"
doesn't work also.
Any ideas on how to dynamically add a folder to the PATH during docker image build?
If you're pretty sure the zip file will contain only a single directory with that exact layout, you can rename it to something fixed.
RUN curl https://cloud.appscan.com/api/SCX/StaticAnalyzer/SAClientUtil?os=linux --output SAClientUtil.zip \
&& unzip SAClientUtil.zip -d tmp \
&& mv tmp/SAClientUtil.* SAClientUtil \
&& rm -rf tmp SAClientUtil.zip
ENV PATH=/SAClientUtil/bin:${PATH}
A simple solution would be to include a small wrapper script in your image, and then use that to run commands from the SAClientUtil directory. For example, if I have the following in saclientwrapper.sh:
#!/bin/sh
cmd=$1
shift
saclientpath=$(ls -d /SAClientUtil/SAClientUtil.*)
echo "got path: $saclientpath"
cd "$saclientpath"
exec "$saclientpath/bin/$cmd" "$#"
Then I can do this:
RUN curl https://cloud.appscan.com/api/SCX/StaticAnalyzer/SAClientUtil?os=linux --output SAClientUtil.zip
RUN unzip SAClientUtil.zip -d SAClientUtil
COPY saclientwrapper.sh /saclientwrapper.sh
RUN sh /saclientwrapper.sh appscan.sh
And this will produce, when building the image:
STEP 6: RUN sh /saclientwrapper.sh appscan.sh
got path: /SAClientUtil/SAClientUtil.8.0.1374
COMMAND SYNTAX
appscan <command> [options]
ADDITIONAL COMMAND HELP
appscan help <command>
.
.
.
I want to be able to read the contents of the file ~/.ssh/id_rsa and pass the same to my build stage of the image. When I use the command docker build --build-arg SSH_PRIVATE_KEY="$(cat ~/.ssh/id_rsa)" and then I try to echo that inside the container during a build, I get empty.
RUN echo "$SSH_PRIVATE_KEY" > /priv_key \
&& cat /priv_key
the result is
Step 6/14 : RUN echo "$SSH_PRIVATE_KEY" > /priv_key && cat /priv_key
---> Running in c8d6e3c88cd8
Removing intermediate container c8d6e3c88cd8
In the dockerfile I have ARG SSH_PRIVATE_KEY.
But when I use a dummy text like docker build --build-arg SSH_PRIVATE_KEY="dummy text" I can see it in the logs.
This causes my private key to be in invalid format since it is empty.
RUN echo "${SSH_PRIVATE_KEY}" >> /root/.ssh/id_rsa
What am I doing wrong or what is it that am not doing? Thank you
I went ahead and used ONVAULT toool to handle the ssh keys. https://github.com/dockito/vault.
Also, I had misconfigured my .ssh/config file. The new file looks like this
Host *
IgnoreUnknown AddKeysToAgent,UseKeychain
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa
I hope it helps someone in future.
I could solve this by placing the ARG after defining the base image:
FROM ubuntu:18.04 as builder
ARG SSH_PRV_KEY
instead of
ARG SSH_PRV_KEY
FROM ubuntu:18.04 as builder
I have a makefile that looks like this:
push:
docker build -t dataengineering/dataloader .
docker tag dataengineering/dataloader:latest 127579856528.dkr.ecr.us-west-2.amazonaws.com/dataengineering/dataloader:latest
docker push 127579856528.dkr.ecr.us-west-2.amazonaws.com/dataengineering/dataloader:latest
deploy:
#if [ ! "$(environment)" ]; then echo "environment must be defined" && exit 1; fi
#if [ ! "$(target)" ]; then echo "target must be defined" && exit 1; fi
kubectl delete deploy dataloader-$(target) -n dataengineering|| continue
kubectl apply -f kube/$(environment)/deployment-$(target).yaml -n dataengineering
But I need a folder inside the dataloader in order for my dockerfile to actually work.
Does this work?
push:
cd ..; cp -r datastore/ dataloader/
docker build -t dataengineering/dataloader .
docker tag dataengineering/dataloader:latest 1111111111.dkr.ecr.us-west-2.amazonaws.com/dataengineering/dataloader:latest
docker push 11111111111.dkr.ecr.us-west-2.amazonaws.com/dataengineering/dataloader:latest
deploy:
#if [ ! "$(environment)" ]; then echo "environment must be defined" && exit 1; fi
#if [ ! "$(target)" ]; then echo "target must be defined" && exit 1; fi
kubectl delete deploy dataloader-$(target) -n dataengineering|| continue
kubectl apply -f kube/$(environment)/deployment-$(target).yaml -n dataengineering
My dockerfile:
FROM python:3.7
WORKDIR /var/dataloader
COPY assertions/ ./assertions/
...
COPY datastore/ ./datastore/
RUN pip3 install -r requirements.txt
ENTRYPOINT ["python", "dataloader.py"]
If all you need is to copy the directory into the current directory (which would server as your Docker context), you can use cp -r ../datastore/ dataloader/. Unless you want the dataloader directory to be in the same directory as the datastore directory, then you'd do cp -r ../datastore/ ../dataloader/.
Say I have this:
ARG my_user="root" # my_user => default is "root"
USER $my_user
ENV USER=$my_user
All good so far, but now we get here:
ENV HOME="/root"
is there a way to do something like this:
ENV HOME $my_user === "root"? "/root" : "/home/$my_user"
Obviously, that's the wrong syntax.
The only solution I can think of is to just use two --build-args, something like this:
docker build -t zoom \
--build-arg my_user="foo" \
--build-arg my_home="/home/foo" \
.
Unfortunately you can't do this directly
https://forums.docker.com/t/how-do-i-send-runs-output-to-env-in-dockerfile/16106/3
So you have two alternatives
Use a shell script at start
You can use a shell script at the start
CMD /start.sh
And in your start.sh you can have that logic
if [ $X == "Y" ]; then
export X=Y
else
export X=Z
fi
Create a profile environment variable
FROM alpine
RUN echo "export NAME=TARUN" > /etc/profile.d/myenv.sh
SHELL ["/bin/sh", "-lc"]
CMD env
And then you when you run it
$ docker run test
HOSTNAME=d98d44fa1dc9
SHLVL=1
HOME=/root
PAGER=less
PS1=\h:\w\$
NAME=TARUN
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
CHARSET=UTF-8
Note: The SHELL ["/bin/sh", "-lc"] is quite important here, else the profile will not be loaded
Note2: Instead of RUN echo "export NAME=TARUN" > /etc/profile.d/myenv.sh you can also do a COPY myevn.sh /etc/profile.d/myenv.sh and have the file be present in your build context