如何在Docker容器中生成具有与主机用户相同所有者的文件 [英] How to generate files in a docker container for having the same owner as the host's user
问题描述
我使用docker容器在git存储库中完成一些开发任务。
我使用的容器是专门为每个项目构建的,因此每个贡献者只需要
不好的一面是容器以root身份运行,因此一旦容器停止,生成的文件将由root拥有,这很糟糕。 / p>
我不能在退出之前更改容器的所有者,因为容器/ etc / passwd文件中没有所需的用户。
在编译docker镜像之前,我会在容器中创建一个用户,但是容器不会是通用的(对于我所有的开发团队而言)。
关于此的最佳实践是什么?
解决方案是创建一个新的<$ c $存储库中的c> dockerfile 基于以前的映像(预安装了devtools,但没有创建用户,但只有root用户)。
在这样的 dockerfile中,编写如下内容:
FROM< ABSTRACT_FORMER_IMAGE>
ARG username = developer
RUN useradd -r -u 1001 -g $ username $ username
USER $ username
然后,在开始工作之前,团队中的每个开发人员都应使用dockerfile为新项目+开发人员特定的容器构建自己的基础映像,并传递其用户名。
$ docker build --build-arg username = $ USER Dockerfile
那里有一些更好的做法?
I use docker containers to get some development tasks done in my git repositories.
The containers I use are built specifically for each project, that way each contributor only need docker CLI to get things done.
The bad side is the container run as root, thus generated files are owned by root once the container stops, and that's bad..
I can't change the owner in the container before exiting because there isn't the required user in the container /etc/passwd file.
I would create a user in the container before compiling the docker image but then the container won't be universal (for all my dev team).
What is the best practice(s) about that ?
A solution is to create a new dockerfile in the repository which is based on the former image (pre-installed with devtools but with no user created but root).
In a such dockerfile, write something like the following:
FROM <ABSTRACT_FORMER_IMAGE>
ARG username=developer
RUN useradd -r -u 1001 -g $username $username
USER $username
Then, before starting to work, each developer in the team should use the dockerfile to build its own base image for new project+developer specific containers, passing its username.
$ docker build --build-arg username=$USER Dockerfile
Some better practices out there ?
这篇关于如何在Docker容器中生成具有与主机用户相同所有者的文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
