Skip to content

Commit

Permalink
Merge pull request #1743 from mjudeikis/osa.test.add.entrypoint
Browse files Browse the repository at this point in the history
add mount files for non priv run
  • Loading branch information
openshift-merge-robot authored Sep 27, 2018
2 parents d86a4f9 + 4797dd2 commit b7b563a
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 0 deletions.
9 changes: 9 additions & 0 deletions projects/azure/base-images/test-base.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,10 @@ items:
kind: ImageStreamTag
name: test-base:latest
source:
git:
uri: "https://github.com/openshift/release"
ref: "master"
contextDir: "projects/azure/base-images/test-base"
dockerfile: |
FROM docker.io/centos:7
# install golang-1.10
Expand Down Expand Up @@ -51,6 +55,11 @@ items:
go get golang.org/x/tools/cmd/goimports && \
chmod 777 -R /go/bin
RUN yum clean all
# Add image scripts and files for running as non priv container
COPY root /
RUN /usr/local/bin/user_setup
USER ${USER_UID}
ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
type: Dockerfile
strategy:
dockerStrategy:
Expand Down
17 changes: 17 additions & 0 deletions projects/azure/base-images/test-base/root/usr/local/bin/entrypoint
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/bin/bash -e
#
# This file serves as the main entrypoint to the azure image.
#
# For more information see the documentation in openshift-ansible
# https://github.com/openshift/openshift-ansible/blob/master/README_CONTAINER_IMAGE.md


# Patch /etc/passwd file with the current user info.
# The current user's entry must be correctly defined in this file in order for
# the `ssh` command to work within the created container.

if ! whoami &>/dev/null; then
echo "${USER:-default}:x:$(id -u):$(id -g):Default User:$HOME:/sbin/nologin" >> /etc/passwd
fi

exec "$@"
19 changes: 19 additions & 0 deletions projects/azure/base-images/test-base/root/usr/local/bin/user_setup
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
#!/bin/sh
set -x

# ensure $HOME exists and is accessible by group 0 (we don't know what the runtime UID will be)
mkdir -p ${HOME}
chown ${USER_UID}:0 ${HOME}
chmod ug+rwx ${HOME}

# runtime user will need to be able to self-insert in /etc/passwd
chmod g+rw /etc/passwd

# ensure that the image content is accessible
chmod -R g+r ${WORK_DIR}
find ${WORK_DIR} -type d -exec chmod g+x {} +
# ensure that the dynamic inventory dir can have content created
find ${WORK_DIR} -type d -exec chmod g+wx {} +

# no need for this script to remain in the image after running
rm $0

0 comments on commit b7b563a

Please sign in to comment.