Skip to content

Instantly share code, notes, and snippets.

@paulojeronimo
Forked from yogeek/Dockerfile
Created March 25, 2020 13:36
Show Gist options
  • Save paulojeronimo/427120725370208fb5713f20be982761 to your computer and use it in GitHub Desktop.
Save paulojeronimo/427120725370208fb5713f20be982761 to your computer and use it in GitHub Desktop.
Gosu usage in Docker
#!/bin/bash
set -e
# Change uid and gid of node user so it matches ownership of current dir
if [ "$MAP_NODE_UID" != "no" ]; then
if [ ! -d "$MAP_NODE_UID" ]; then
MAP_NODE_UID=$PWD
fi
uid=$(stat -c '%u' "$MAP_NODE_UID")
gid=$(stat -c '%g' "$MAP_NODE_UID")
echo "dev ---> UID = $uid / GID = $gid"
export USER=dev
usermod -u $uid dev 2> /dev/null && {
groupmod -g $gid dev 2> /dev/null || usermod -a -G $gid dev
}
fi
echo "**** GOSU dev $@ ..."
exec /usr/local/bin/gosu dev "$@"
FROM ubuntu
RUN apt-get install ...
# grab gosu for easy step-down from root
ENV GOSU_VERSION 1.10
RUN set -x \
&& curl -sSLo /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \
&& curl -sSLo /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \
&& export GNUPGHOME="$(mktemp -d)" \
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
&& rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \
&& chmod +x /usr/local/bin/gosu \
&& gosu nobody true
# Add local user 'dev'
RUN groupadd -r dev --gid=9001 && useradd -r -g dev --uid=9001 dev
# Grant him sudo privileges
RUN echo "dev ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/dev && \
chmod 0440 /etc/sudoers.d/dev
# Do stuff with this user if needed
USER dev
ENV HOME /home/dev
WORKDIR $HOME
RUN ...
# Repass root
USER root
# Copy entrypoint
COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
CMD ["bash"]
#!/bin/bash
# Add local user
# Either use the LOCAL_USER_ID if passed in at runtime or
# fallback
USER_ID=${LOCAL_USER_ID:-9001}
echo "Starting with UID : $USER_ID"
useradd --shell /bin/bash -u $USER_ID -o -c "" -m user
export HOME=/home/user
exec /usr/local/bin/gosu user "$@"
FROM alpine
RUN apk add --update --no-cache su-exec && \
rm -rf /var/cache/apk/*
# Add entrypoint to dynamically change user uid when a container is started
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment