
Commit cb16b81

scripts: make dockerenv.sh and docker_exec.sh podman-compatible
podman is an (almost) drop-in replacement for docker that runs rootless and without a daemon. Since it runs rootless, it maps the host user to the root user inside the container. This clashes with the tricks used for docker to mount the volume with the same host user id and group id. This script removes these docker tricks when using podman.
1 parent ef4b058 commit cb16b81


2 files changed

+44
-13
lines changed


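--- a/scripts/docker_exec.sh
+++ b/scripts/docker_exec.sh
@@ -18,9 +18,16 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
 PROJECT_NAME="$(basename $(realpath "$DIR/.."))"
 CONTAINER_NAME=$PROJECT_NAME-dev
 
+if [ -n "$CONTAINER_RUNTIME" ]; then
+RUNTIME="$CONTAINER_RUNTIME"
+elif command -v podman &>/dev/null; then
+RUNTIME=podman
+else
+RUNTIME=docker
+fi
 
 function docker_cleanup {
-docker exec $IMAGE bash -c "if [ -f $PIDFILE ]; then kill -TERM -\$(cat $PIDFILE); rm $PIDFILE; fi"
+$RUNTIME exec $IMAGE bash -c "if [ -f $PIDFILE ]; then kill -TERM -\$(cat $PIDFILE); rm $PIDFILE; fi"
 }
 
 # See https://github.com/moby/moby/issues/9098#issuecomment-189743947.
@@ -29,7 +36,14 @@ function docker_exec {
 PIDFILE=/tmp/docker-exec-$$
 shift
 trap 'kill $PID; docker_cleanup $IMAGE $PIDFILE' TERM INT
-docker exec --user=dockeruser --workdir="$DIR/.." -i $IMAGE bash -c "echo \"\$\$\" > $PIDFILE; eval $*" &
+
+USERFLAG=""
+if [ "$RUNTIME" = "docker" ] ; then
+# Only needed for docker - see the comments in dockerenv.sh.
+USERFLAG="--user=dockeruser"
+fi
+
+$RUNTIME exec $USERFLAG --workdir="$DIR/.." -i $IMAGE bash -c "echo \"\$\$\" > $PIDFILE; eval $*" &
 PID=$!
 wait $PID
 RESULT=$?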
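Review bot: The runtime selection at new lines 21–27 takes `CONTAINER_RUNTIME` verbatim while every later decision compares it to the exact string `docker`, so a value such as an absolute path to the docker binary runs Docker but is treated like podman: `USERFLAG` stays empty and the exec at new line 46 drops `--user=dockeruser`, so the command runs as the container's default user (presumably root), which the dockeruser setup was meant to avoid. The value is also expanded unquoted as the command word. Restricting it right after the selection would close both, e.g. `case "$RUNTIME" in docker|podman) ;; *) echo "unsupported CONTAINER_RUNTIME: $RUNTIME" >&2; exit 1 ;; esac`. The same selection block is repeated in scripts/dockerenv.sh (new lines 19–25) and would need the same check. The body of docker_exec starts and ends outside the second hunk.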

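--- a/scripts/dockerenv.sh
+++ b/scripts/dockerenv.sh
@@ -16,6 +16,14 @@
 
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
 
+if [ -n "$CONTAINER_RUNTIME" ]; then
+RUNTIME="$CONTAINER_RUNTIME"
+elif command -v podman &>/dev/null; then
+RUNTIME=podman
+else
+RUNTIME=docker
+fi
+
 if [ "$1" = "release" ] ; then
 MOUNT_DIR=/bb02
 CONTAINER_NAME_SUFFIX=rel
@@ -37,37 +45,46 @@ dockerdev () {
 exit 1
 fi
 
+USERFLAG=""
+if [ "$RUNTIME" = "docker" ] ; then
+# Only needed for docker - see the comment below.
+USERFLAG="--user=dockeruser"
+fi
+
 # If already running, enter the container.
-if docker ps --filter "name=^${CONTAINER_NAME}$" | grep -q "$CONTAINER_NAME"; then
-docker exec --user=dockeruser --workdir="$MOUNT_DIR" -it "$CONTAINER_NAME" bash
+if $RUNTIME ps --filter "name=^${CONTAINER_NAME}$" | grep -q "$CONTAINER_NAME"; then
+$RUNTIME exec $USERFLAG --workdir="$MOUNT_DIR" -it "$CONTAINER_NAME" bash
 return
 fi
 
-if docker ps --all --filter "name=^${CONTAINER_NAME}$" | grep -q "$CONTAINER_NAME"; then
-docker rm "$CONTAINER_NAME"
+if $RUNTIME ps --all --filter "name=^${CONTAINER_NAME}$" | grep -q "$CONTAINER_NAME"; then
+$RUNTIME rm "$CONTAINER_NAME"
 fi
 
 # SYS_PTRACE is needed to run address sanitizer
-docker run \
+$RUNTIME run \
 --detach \
 --interactive --tty \
 --name="$CONTAINER_NAME" \
 -v "$repo_path":"$MOUNT_DIR" \
 --cap-add SYS_PTRACE \
 ${CONTAINER_IMAGE} bash
 
-# Use same user/group id as on the host, so that files are not created as root in the mounted
-# volume.
-docker exec -it "$CONTAINER_NAME" groupadd -o -g "$(id -g)" dockergroup
-docker exec -it "$CONTAINER_NAME" useradd -u "$(id -u)" -m -g dockergroup dockeruser
+if [ "$RUNTIME" = "docker" ] ; then
+# Use same user/group id as on the host, so that files are not created as root in the
+# mounted volume. Only needed for Docker. On rootless podman, the host user maps to the
+# container root user.
+$RUNTIME exec -it "$CONTAINER_NAME" groupadd -o -g "$(id -g)" dockergroup
+$RUNTIME exec -it "$CONTAINER_NAME" useradd -u "$(id -u)" -m -g dockergroup dockeruser
+fi
 
 # Call a second time to enter the container.
 dockerdev
 }
 
 if test "$1" == "stop"; then
-if docker ps -a | grep -q "$CONTAINER_NAME"; then
-docker stop "$CONTAINER_NAME"
+if $RUNTIME ps -a | grep -q "$CONTAINER_NAME"; then
+$RUNTIME stop "$CONTAINER_NAME"
 fi
 else
 dockerdev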
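Review bot: The `[ "$RUNTIME" = "docker" ]` guards at new lines 49 and 73 decide by runtime name alone, but the new comment itself says the host-user-to-root mapping holds only for rootless podman. If the script is run with podman as root (for example under sudo), the groupadd/useradd step is skipped and `--user` is dropped, so the container would work in the mounted repository as real root, with `--cap-add SYS_PTRACE`, which is the case the Docker branch exists to prevent. Consider refusing or warning in that case, e.g. `if [ "$RUNTIME" = "podman" ] && [ "$(id -u)" -eq 0 ]; then echo "rootful podman is not supported" >&2; exit 1; fi`, and state the rootless assumption in the comment at new line 50 as well. The body of dockerdev starts before this hunk.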
