New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Commit merges config from image, not container. #4885
Conversation
This means, for example, the command specified on the `docker run` command line will not clobber that of the image which the container was run from. Docker-DCO-1.1-Signed-off-by: Paul Annesley <paul@annesley.cc> (github: pda)
@pda In your Problem I think that is totally valid. If you want to override the command on your run you can. This is how CMD has worked forever. |
As a side note, that's how |
@pda why are you passing a CMD on |
Argh, I accidentally deleted my comment. You probably got it via email. Feel free to paste it as a quote, I've lost it completely. I was going to add:
Worth noting this change would only effect a behavior that is brand new in Docker 0.9.1. |
Here's an example of a # Copy and build codebase.
docker run \
--cidfile=$CID_FILE \
--volume $(pwd):/codebase-volume \
--env MAKE_PROFILE=1 \
$BASE_IMAGE \
bash -c "mkdir -p /codebase && cd /codebase && \
git clone /codebase-volume/.git . && \
rm -r .git && \
make setup-toolchain build"
docker commit $(cat $CID_FILE) $BUILD_IMAGE |
@pda why would you commit that if you don't want the results? Just trying to understand how you are using it. |
We absolutely want the resulting container/image filesystem that came from that What we don't want is for that one-off command to become part of the image metadata / config. To outline the build pipeline:
|
Interesting… so Dockerfile So this could be addressed as per this PR, or by changing how |
+1, I thought the image's CMD would be remembered after @crosbymichael Re why would I commit when I don't want the results: I'm new to Docker, but thus far I've sometimes run |
ping @vieux I believe this as been discussed in another issue. Should we close? |
I'm pretty sure it's not relevent anymore. We changed the way we merged the config. |
Please say something if I'm wrong |
@vieux It looks like this issue is still present in 1.4.1. Here is an example of CMD getting clobbered: With this base Dockerfile
I do:
Now I want to modify the file system by running some commands (real example could be updating source, building assets, changing config)
I would have expected the output of that last run to be |
Yes, this makes docker somewhat useless for a fairly simple build process. It seemed easy enough: Build a base image. Run a command in a container to update the sources. Commit that container to a deployable image, and push it to your repository as the latest version of the production container. Only - when you commit, you get the command that was passed in as part of your build process, not the command in the base image that was missing sources. Example:
When I run the image with $built_image_name, it runs "mkdir -p /app" and exits. It doesn't really make sense to create a new Dockerfile with an ADD statement here, since I want to be able to build images from multiple base images (i.e. staging/server, stable/server, etc) and have the rest of the process be the same - so we can test out upgrades before pushing to our production images. |
Background
#1141 reported that
docker commit
drops the entire config in the resulting image. Specifically, the wording was “the configuration the image had is not kept.”#4000 landed in v0.9.1, which uses the container config as the base config for
docker commit
, and merges in any additional config passed bydocker commit --run=…
.Problem
Any command specified on the
docker run
command line will clobber the default command configured in the original image (config.Cmd
). For example, given$image
built withCMD /bin/true
, runningdocker run $image touch /hello
and thendocker commit $container new_image
, the resulting image will havetouch /hello
instead of/bin/true
.Proposal
The image created by
docker commit $container $image
should have its config based on$container
's image, not on$container
's own config.This is more in line with the original request, to keep the config that “the image had”. It also makes it more useful for preserving
Cmd
, which is a prime use-case for the config-merge.If a user wants config changes introduced by the
docker run
command to land in the committed image, they can pass them todocker commit --run=…
. It's preferable to have to do this, compared to Dockerfile-declared configuration being clobbered.Example
Output (before this PR):
Output (after this PR):
TODO
TestMergeConfigOnCommit
inintegration/server_test.go
reflects this change.