Docker COPY主机$ {HOME} /。cache到容器 [英] Docker COPY Host ${HOME}/.cache to container
问题描述
我想将我的winetricks缓存复制到docker容器中:
I would like to copy my winetricks cache over to the docker container:
主机:
~/.cache/winetricks
到容器
/home/myUser/.cache/winetricks.
我当前的方法是在Docker根目录中创建缓存的副本并使用 COPY 将缓存移至容器。
My current approach is to create a copy of the cache in the docker root and use COPY to move the cache over to the container. This will make the cache available at build time.
我正在使用这种方法来节省构建时间。 Docker COPY 命令在生产中已被注释掉。
I am using the approach to save build time. The Docker COPY command is commented out in production.
这是我的问题:
为什么要做我必须复制〜/ .cache 目录吗?
为什么不能将目录从Docker根目录外部复制到容器?
So here is my question:
Why do I have to make a duplicate of my ~/.cache directory?
Why can I not copy a directory from outside of the docker root to the container?
推荐答案
这是我的问题:为什么必须复制〜/ .cache目录?为什么不能将目录从Docker根目录之外复制到容器中?
So here is my question: Why do I have to make a duplicate of my ~/.cache directory? Why can I not copy a directory from outside of the docker root to the container?
。在命令行末尾,指示将当前目录作为上下文发送。
The first step of a docker build command is to send the build context to the docker engine performing the build. This engine may be on a remote server. This build context is typically a . at the end of the command line indicating to send the current directory as your context.
此上下文用于每个 COPY 和 ADD 命令,并且该上下文中未包含的任何文件均不可用 COPY 和 ADD 。更改行为以允许访问主机上的所有文件,将破坏Docker构建的客户端/服务器设计,并引入一个安全漏洞,有人可以将恶意Dockerfile发送到构建服务器,并使用该文件从服务器中提取秘密数据到
This context is used for every COPY and ADD command, and any file not included in the context is unavailable for the COPY and ADD. Changing the behavior to allow all files on the host to be accessible would break the client/server design of docker builds and introduce a security vulnerability where someone could send a malicious Dockerfile to the build server and use that to extract secret data from the server into the image.
您可以将构建上下文更改为您的主目录,而不是项目子目录。为此,您还需要使用相对于<$的路径更新所有 COPY 和 ADD 命令。 c $ c> $ HOME 。当您将整个主目录发送到服务器时,您还将看到更长的构建时间。
You can change the build context to be your home directory, instead of your project sub-directory. To do this, you'd also need to update all the COPY and ADD commands with the path relative to $HOME. You would also see a significantly longer build time as your entire home directory gets sent to the server.
对于您的特定问题,有一个新功能刚刚进入实验阶段,称为 BuildKit 。正在实施的首批功能之一是在 RUN期间安装目录命令(仅用于打包一次缓存)。
For your specific issue, there's a new feature that just entered into experimental called BuildKit. One of the first features being implemented is mounting a directory during a RUN command for the purposes of a packaging cache you only want to pull once.
这篇关于Docker COPY主机$ {HOME} /。cache到容器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
