Skip to content

Add Dockerfile for networkless container support; Add ghcr docker auto deploy workflow #617

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jun 4, 2021
Merged

Add Dockerfile for networkless container support; Add ghcr docker auto deploy workflow #617

merged 4 commits into from
Jun 4, 2021

Conversation

zekroTJA
Copy link
Contributor

Hey 👋

TL;DR

I've added a prerestore.Dockerfile which allows running the script wrapper in a networkless Docker container by restoring the required dependencies for the script environment inside the image creation.

This might cause some problems when the target system has not the same architecture as the system where the image was created.

Also, I've added a Workflow script to build and deploy the docker image to ghcr.io.

Details

I discovered the project when I was looking for a script engine/wrapper Docker image for .NET, so I can use it for my current little project ranna-go/ranna. ranna is using networkless Docker containers for code execution to dodge various kind of problems you can run into with arbitrary code execution in network attached containers. But when doing so with the provided image, I ran into the following problem:

$ docker run --name test -v $PWD/main.cs:/var/tmp/scripts/main.cs --network none dotnet-script /var/tmp/scripts/main.cs
Unable to restore packages from '/root/.cache/dotnet-script/var/tmp/scripts/netcoreapp3.1/script.csproj'
Make sure that all script files contains valid NuGet references

Details:
/root/.cache/dotnet-script/var/tmp/scripts/netcoreapp3.1 : dotnet restore "/root/.cache/dotnet-script/var/tmp/scripts/netcoreapp3.1/script.csproj" -r linux-x64  --configfile "/root/.nuget/NuGet/NuGet.Config"
  Determining projects to restore...
/usr/share/dotnet/sdk/3.1.408/NuGet.targets(128,5): error : Unable to load the service index for source https://api.nuget.org/v3/index.json. [/root/.cache/dotnet-script/var/tmp/scripts/netcoreapp3.1/script.csproj]
/usr/share/dotnet/sdk/3.1.408/NuGet.targets(128,5): error :   Resource temporarily unavailable [/root/.cache/dotnet-script/var/tmp/scripts/netcoreapp3.1/script.csproj]

So, I've created a kind of hacky way to solve this by running an "empty" script during the image build process to embed the restored dependencies in the image. This workaround seems to work consistently.

Also, because I need to be able to fetch the image from a package registry, I've created an Actions Workflow to build and push the image to the GitHub Container Registry, which is kind of handy because you need no DockerHub credentials in your workflow and the image is directly highlighted on the repository page.

So I want to share these findings and changes I've made with you. Maybe it comes in handy for you, so you can merge them if you want to. 😄

filipw
filipw reviewed May 10, 2021
View reviewed changes
filipw
filipw reviewed May 10, 2021
View reviewed changes
@filipw filipw merged commit 156035c into dotnet-script:master Jun 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@filipw filipw filipw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@zekroTJA @filipw
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy