Last active
September 2, 2024 04:16
-
-
Save duruyao/ea8312f4420c7697f2562e2c6c53acb3 to your computer and use it in GitHub Desktop.
A third-party Docker container directory permissions pre-checker.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| ## date: 2022-10-13 | |
| ## author: [email protected] | |
| ## file: docker-checker.sh | |
| ## desc: check path permissions before starting the docker image | |
| set -euo pipefail | |
| function error_ln() { | |
| # usage: error_ln "error message" | |
| printf "\033[1;32;31m%s\n\033[m" "${1}" | |
| } | |
| function warning_ln() { | |
| # usage: warning_ln "warning message" | |
| printf "\033[1;32;33m%s\n\033[m" "${1}" | |
| } | |
| function info_ln() { | |
| # usage: info_ln "info message" | |
| printf "\033[1;32;32m%s\n\033[m" "${1}" | |
| } | |
| function debug_ln() { | |
| # usage: debug_ln "debug message" | |
| printf "%s\n" "${1}" | |
| } | |
| DOCKER_CMD=() | |
| DOCKER_EXEC=("/usr/bin/docker") | |
| DOCKER_OPTIONS=("$@") | |
| read_only_dirs=() | |
| admin_mail="[email protected]" | |
| report_error=${DOCKER_COMMAND_CHECKER_REPORT_ERROR-true} | |
| while (($#)); do | |
| case "${1}" in | |
| -v | --volume) | |
| host_dir="${2//\:*/}" | |
| if [ -n "${host_dir}" ]; then | |
| if ! test -w "${host_dir}"; then | |
| read_only_dirs+=("${2//\:*/}") | |
| warning_ln "Warning: Read-only directory on the host: '${host_dir}'" | |
| fi | |
| fi | |
| shift 2 | |
| ;; | |
| *) | |
| shift 1 | |
| ;; | |
| esac | |
| done | |
| if [ ${#read_only_dirs[@]} -gt 0 ]; then | |
| if ${report_error}; then | |
| error_ln "Error: Do not mount the read-only directories on the host to the container" | |
| debug_ln "Try run the command: 'export DOCKER_COMMAND_CHECKER_REPORT_ERROR=false'" | |
| info_ln "Send mail to ${admin_mail} for more information" | |
| exit 1 | |
| fi | |
| warning_ln "Warning: Do not write to the read-only directories on the host in the container" | |
| info_ln "Send mail to ${admin_mail} for more information" | |
| printf "Are you sure you want to continue running the command? [Y/n] " | |
| read -r continue | |
| if echo "${continue}" | grep -q -E "n|N|no|No|NO"; then exit 0; fi | |
| fi | |
| DOCKER_CMD=(${DOCKER_EXEC[@]+"${DOCKER_EXEC[@]}"} ${DOCKER_OPTIONS[@]+"${DOCKER_OPTIONS[@]}"}) | |
| echo ${DOCKER_CMD[@]+"${DOCKER_CMD[@]}"} >"${HOME}"/.docker_command | |
| ${DOCKER_CMD[@]+"${DOCKER_CMD[@]}"} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| ## date: 2022-10-17 | |
| ## author: [email protected] | |
| ## file: setup-docker-checker.sh | |
| ## desc: setup the docker-command-checker.sh | |
| set -euo pipefail | |
| sudo cp docker-command-checker.sh /usr/local/bin/docker-command-checker.sh | |
| sudo chmod +x /usr/local/bin/docker-command-checker.sh | |
| echo " | |
| alias docker=\"docker-command-checker.sh\" | |
| #unalias docker | |
| " >>"${HOME}"/.bashrc | |
| source "${HOME}"/.bashrc |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1. Setup
2. Usage