问题
I am trying to run gitlab ci which contains custom php image. The before_script invokes docker_install.sh
In docker_install.sh I executed whoami it gives "docker". I tried to list down groups it gives "docker sudo".
When I try to execute further instructions in docker_install.sh file, like
cp ci/php.ini /etc/php/7.4/cli/php.ini
It does not execute and gives error cp: cannot create regular file '/etc/php/7.4/cli/php.ini': Permission denied
If I do
sudo cp ci/php.ini /etc/php/7.4/cli/php.ini
it executes successfully. However there are many such instruction for which I do not want to append sudo.
What is the solution to this problem?
回答1:
Docker user doesn't have root permissions.
Gitlab CI doesn't allow you modifying the user
One way is to derive FROM the original image by Dockerfile set user to USER root and after you have finished with your installation back to USER docker. Or leave it at root and just run your CI job.
Another less secure way is using su-exec (instead of sudo) https://github.com/ncopa/su-exec
来源:https://stackoverflow.com/questions/65154074/gitlab-ci-invokes-docker-install-sh-and-always-runs-instruction-with-sudo