profile
viewpoint

Ask questionsAllow COPY command's --chown to be dynamically populated via ENV or ARG

How to use COPY --chown without losing portability (recently merged from this issue)? I'll try to explain with an example wherein I find --chown causing portability issues.

Let's say I got a base image (mybase) which I use for running other containers as non-root user (let's say with UID 1000) using gosu in ENTRYPOINT. exec /usr/local/bin/gosu ${USER_NAME} "$@"

I use this base image (mybase) for building other container (let's say mycontainer) Dockerfile where I COPY some files from host to container using --chown

FROM mybase
RUN mkdir -p /tmp/build
COPY --chown=1000 . /tmp/build

Now I want the files generated via my build tool (from mycontainer) to be shared on a Docker Volume mapped with my host. Generated files would be available at specified host location but the owner of those files would be user with UID 1000. Doesn't this mean I'll need to have a user with UID 1000 on host machine for generated files to be accessible? Isn't there a way to provide value for --chown dynamically? I tired using ENV and ARG but they are not accessible in --chown.

ARG owner
COPY --chown=$owner . /tmp/build

it gives me an error

unable to convert uid/gid chown string to host mapping: can't find uid for user $owner: no such user: $owner

Steps to reproduce the issue:

  1. Add this to Dockerfile
FROM openjdk:8

ARG owner
ADD --chown=$owner . /tmp/build/platform3

CMD echo 'test'
  1. Build image sudo docker build -t test -f Dockerfile .

Describe the results you received: Result of running docker build

unable to convert uid/gid chown string to host mapping: can't find uid for user $owner: no such user: $owner

Describe the results you expected: Expected result should be to get owner information from build arguments

Output of docker version:

Client:
 Version:      17.09.0-ce
 API version:  1.32
 Go version:   go1.8.3
 Git commit:   afdb6d4
 Built:        Tue Sep 26 22:42:38 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.09.0-ce
 API version:  1.32 (minimum version 1.12)
 Go version:   go1.8.3
 Git commit:   afdb6d4
 Built:        Tue Sep 26 22:41:20 2017
 OS/Arch:      linux/amd64
 Experimental: false

Output of docker info:

Containers: 1
 Running: 0
 Paused: 0
 Stopped: 1
Images: 15
Server Version: 17.09.0-ce
Storage Driver: aufs
 Root Dir: /docker/pd0/aufs
 Backing Filesystem: extfs
 Dirs: 18
 Dirperm1 Supported: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0
runc version: 3f2f8b84a77f73d38244dd690525642a72156c64
init version: 949e6fa
Security Options:
 apparmor
Kernel Version: 3.13.0-129-generic
Operating System: Ubuntu 14.04.5 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 14.69GiB
Name: ip-172-31-35-149
ID: KR63:RIDQ:SQNY:3ESC:5OA6:4DFT:QXSB:YE6M:727G:H7O2:REIS:RSFA
Docker Root Dir: /docker/pd0
Debug Mode (client): false
Debug Mode (server): false
Username: mavericksid
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

moby/moby

Answer questions m-hu

Run chown ${envvar}

For instance

Le dim. 31 mars 2019 à 06:04, Kim Carter notifications@github.com a écrit :

What's the work around to lack of string expansion other than hard coding?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/moby/moby/issues/35018#issuecomment-478310131, or mute the thread https://github.com/notifications/unsubscribe-auth/ACcfr0IGust5-OyR_NHdLTXH7Yqf4Wg3ks5vcDPHgaJpZM4PnKcX .

useful!

Related questions

Swarm restarts all containers hot 2
integration: "error reading the kernel parameter" errors during CI hot 2
can not successfully install docker-ce on ubuntu 16.04 ? why ,Can you help me? hot 1
OCI runtime exec failed: exec failed: cannot exec a container that has stopped: unknown hot 1
windowsRS1 and windowsRS5-process are failing due to "Unable to delete '\gopath\src\github.com\docker\docker" hot 1
Panic: runtime error: invalid memory address or nil pointer dereference hot 1
Error response from daemon: rpc error: code = DeadlineExceeded desc = context deadline exceeded hot 1
one container in the overlay network not available hot 1
Containers on overlay network cannot reach other containers hot 1
"initgroups, operation not permitted" error in apache2-mpm-itk when inside Docker - moby hot 1
[Windows] windowsfilter folder impossible to delete hot 1
swarm node lost leader status hot 1
New-SmbGlobalMapping don't continued working in Container hot 1
failed to export image: failed to create image: failed to get layer: layer does not exist hot 1
"docker stack deploy">"rpc error: code = 3 desc = name must be valid as a DNS name component" hot 1
Github User Rank List