#332 docker: Do not hardcode entry point
Opened 2 years ago by till. Modified 2 years ago
till/standard-test-roles docker_entrypoint  into  master

@@ -96,9 +96,7 @@ 

      # And launch the actual container

      cmd = [

          "/usr/bin/docker", "run", "--detach", "--cidfile={0}".format(cidfile),

-     ] + extra_arg_list + [

-         "--entrypoint=/bin/sh", image, "-c", "sleep 1000000"

-     ]

+     ] + extra_arg_list + [image, "-c", "sleep 1000000"]

      try:

          subprocess.check_call(cmd, stdout=sys.stderr.fileno())

      except subprocess.CalledProcessError:

Do not hardcode an entry point because images with systemd need
/usr/sbin/init as entry point and not /bin/sh. Container images can
specify the entry point in the container specification (Dockerfile). If
it is necessary to specify it on the command line, users can use
TEST_DOCKER_EXTRA_ARGS to set an entry point.

This fixes #330

I've tried this patch using the copr build [1], unfortunately this patch broke how we run the tests by default:

ANSIBLE_INVENTORY=$(test -e inventory && echo inventory || echo /usr/share/ansible/inventory) TEST_SUBJECTS=docker:docker.io/fedora:rawhide ansible-playbook --tags=container tests.yml

019-04-18 09:19:46,702 [standard-inventory-docker/MainThread  ] [INFO ]:Start provisioner.
2019-04-18 09:19:46,702 [standard-inventory-docker/MainThread  ] [INFO ]:Launching Docker container for docker.io/fedora:rawhide
2019-04-18 09:19:47,765 [standard-inventory-docker/MainThread  ] [INFO ]:Fatal error in provision script.
Traceback (most recent call last):
File "/usr/share/ansible/inventory/standard-inventory-docker", line 101, in inv_host
    subprocess.check_call(cmd, stdout=sys.stderr.fileno())
File "/usr/lib64/python3.7/subprocess.py", line 347, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/usr/bin/docker', 'run', '--detach', '--cidfile=/tmp/inventory-dockerv76uxuek/cid', 'docker.io/fedora:rawhide', '-c', 'sleep 1000000']' returned non-zero exit status 127.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/share/ansible/inventory/standard-inventory-docker", line 227, in <module>
    main(sys.argv)
File "/usr/share/ansible/inventory/standard-inventory-docker", line 220, in main
    data = inv_list(opts.subjects, opts.docker_extra_args)
File "/usr/share/ansible/inventory/standard-inventory-docker", line 58, in inv_list
    name, host_vars = inv_host(subject, docker_extra_args)
File "/usr/share/ansible/inventory/standard-inventory-docker", line 103, in inv_host
    raise RuntimeError("Could not start container image: {0}".format(image))
RuntimeError: Could not start container image: docker.io/fedora:rawhide
2019-04-18 09:19:47,823 [standard-inventory-local/MainThread  ] [INFO ]:Start provisioner.
2019-04-18 09:19:47,912 [standard-inventory-qcow2/MainThread  ] [INFO ]:Start provisioner.
2019-04-18 09:19:47,912 [standard-inventory-qcow2/MainThread  ] [INFO ]:Path to ansible: /usr/bin/ansible
2019-04-18 09:19:47,912 [standard-inventory-qcow2/MainThread  ] [INFO ]:Return empty inventory for image: docker:docker.io/fedora:rawhide.
2019-04-18 09:19:47,961 [standard-inventory-rpm/MainThread  ] [INFO ]:Start provisioner.

I guess by default we should continue to use entry point to /bin/sh, but allow the entry point to be overwritten.

[1] https://copr.fedorainfracloud.org/coprs/g/osci/standard-test-roles/build/883687/

Should the fedora image maybe define an entrypoint by default instead? The problem with specifying it at the command line is that it overwrites any specification in the container image itself. An alternative would be to only overwrite the entrypoint if docker inspect shows that there is no entrypoint:
https://forums.docker.com/t/how-can-i-determine-entrypoint-cmd-are-on-an-image/1243