Skip to content
Snippets Groups Projects
Commit 5798f15c authored by Florian Fischer's avatar Florian Fischer
Browse files

add docker tooling

Usage run "docker.sh <your command>" to execute <your command> in the
docker image extracted from .gitlab-ci.yml in the emper root directory

NOTE: seccomp filtering is disabled for now since io_uring_* syscalls
are not working everywhere as expected.
parent c60a2484
No related branches found
No related tags found
1 merge request!219Add docker tooling
#!/usr/bin/env bash
# The directory of this script is also EMPER's root directory.
EMPER_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
IMAGE=$(sed --regexp-extended --quiet 's;^image: "([^"]*)"$;\1;p' "${EMPER_ROOT}/.gitlab-ci.yml")
docker run \
--volume="${EMPER_ROOT}:${EMPER_ROOT}" \
--interactive \
--tty \
--env USER_ID="${UID}" \
--env GROUP_ID="$(id -g ${USER})" \
--security-opt=seccomp:unconfined \
"${IMAGE}" \
"${EMPER_ROOT}/tools/docker-prepare" "${EMPER_ROOT}" $@
#!/usr/bin/env bash
set -euo pipefail
useradd -u "${USER_ID}" -o -m user
groupmod -g "${GROUP_ID}" user
OUTSIDE_EMPER_ROOT="${1}"
shift
cd "${OUTSIDE_EMPER_ROOT}"
# shellcheck disable=SC2068
exec sudo -u user $@
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment