Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support PowerShell as ENTRYPOINT for Docker builds #8225

Closed
HofmeisterAn opened this issue Oct 14, 2019 · 7 comments · Fixed by #8240
Closed

Support PowerShell as ENTRYPOINT for Docker builds #8225

HofmeisterAn opened this issue Oct 14, 2019 · 7 comments · Fixed by #8240
Labels
builder/docker enhancement windows-host

Comments

@HofmeisterAn
Copy link
Contributor

Feature Description

Packer uses CMD (cmd.exe) as default command-line shell for Docker Windows container and appends cmd /S /C to each ENTRYPOINT or CMD. This behavior makes it impossible to execute a PowerShell as ENTRYPOINT and run a PowerShell command with CMD in it (without nested shells).

I think the user should decides in the Packer configuration which shell he or she wants to use, equivalent to the Dockerfile. Packer should not append the prefix cmd /S /C automatically.

Use Case(s)

PowerShell is de facto the default command-line shell for Windows. Compared to CMD, PowerShell supports a lot more features.

Additional Information

This Docker configuration in Packer:

"changes": [
  "ENTRYPOINT \"powershell -NoLogo -NoExit -Command\"",
  "CMD \"Write-Host \"Write this line within PowerShell.\"\"]"
]

creates following Docker image configuration:

"Entrypoint": [
    "cmd /S /C \"powershell -NoLogo -NoExit -Command\""
],
"Cmd": [
    "cmd /S /C \"Write-Host \"Write this line within PowerShell.\"\"]"
]

This will execute cmd.exe > powershell.exe > cmd.exe > 💥, because cmd.exe dose not know the PowerShell command Write-Host. I also tried to set SHELL, but this is not supported either by Packer.
@SwampDragons
Copy link
Contributor

SwampDragons commented Oct 14, 2019
edited

Thanks for opening! I took a quick look and Packer doesn't modify that "changes" field at all -- we just pass the changes straight through into the driver call. I wonder if this is prepending is something intrinsic to Docker?

I'm not sure when I'm going to have a chance to do a deep dive, but if you get a chance to run the commit call from the command line instead of letting Packer do it, we may learn what's going on here.

@HofmeisterAn
Copy link
Contributor Author

we just pass the changes straight through into the driver call

That's odd. At first, it looked like Packer appends the prefix - sorry for the assumption. I'll immediately test the command line commit tomorrow and add the missing information.

@HofmeisterAn
Copy link
Contributor Author

@SwampDragons I did some tests and found following GitHub issue and explanation.

shell form, the command is run in a shell, which by default is /bin/sh -c on Linux or cmd /S /C on Windows

It looks like Packer pass the changes in shell form instead of exec form to Docker. Even

docker commit --change='ENTRYPOINT ["powershell", "-NoExit", "-Command", ";"]' mcr.microsoft.com/windows/servercore:1803

creates the entrypoint in shell form. A Dockerfile instead creates exec form. Do you have an idea, how to setup the parameter to commit the image in exec form?

@SwampDragons
Copy link
Contributor

SwampDragons commented Oct 15, 2019
edited

hmm. Have you tried just providing that form? the code that handles this is just

https://github.com/hashicorp/packer/blob/master/builder/docker/driver_docker.go#L53-L55

That may not be enough if we have to have that '=' sign in there. If we do, updating this code to check for the syntax shouldn't be too tough.

@HofmeisterAn
Copy link
Contributor Author

HofmeisterAn commented Oct 16, 2019
edited

Ok, I got it. It's important to use the exec form for ENTRYPOINT and CMD. Otherwise, the CMD shell form will start a child CMD in PowerShell. This example works fine after the Packer build:

"changes": [
  "ENTRYPOINT [\"powershell\", \"-NoExit\", \"-Command\", \";\"]",
  "CMD [\"Write-Host\", \"Write this line within PowerShell.\"]"
],

Nevertheless, I suggest to update the documentation:

  1. ENTRYPOINT supports such as CMD array (escaped) and string form.

    packer/website/source/docs/builders/docker.html.md.erb

    Lines 95 to 101 in f0461da

    - CMD
    - String, supports both array (escaped) and string form
    - EX: `"CMD [\"nginx\", \"-g\", \"daemon off;\"]"`
    - EX: `"CMD nginx -g daemon off;"`
    - ENTRYPOINT
    - String
    - EX: `"ENTRYPOINT /var/www/start.sh"`
  2. Add the different behaviors to the documentation (shell form for strings; exec form for escaped arrays).

If you like, I can create a PR.

@SwampDragons
Copy link
Contributor

That makes sense to me. I'd love that PR.

@HofmeisterAn HofmeisterAn mentioned this issue Oct 16, 2019
Merged
SwampDragons added a commit that referenced this issue Oct 16, 2019
@SwampDragons
Merge pull request #8240 from HofmeisterAn/feature/8225-extend-docume…
a3ec70c 
…ntation-docker-shell-exec-form

#8225 Add Docker shell and exec format documentation for CMD and ENTRYPOINT
@ghost
Copy link

ghost commented Jan 23, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Jan 23, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
builder/docker enhancement windows-host
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

#8225 Add Docker shell and exec format documentation for CMD and ENTRYPOINT
2 participants
@SwampDragons @HofmeisterAn