-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
2
-
Severity 3 - Minor
-
5
-
Issue Summary
Using the ADD command during a docker build when the source file is a tarfile will make docker automatically extract those files inside the image on the destination path.
However, in bitbucket pipelines, these extracted files might be set with the wrong permissions.
This issue happens specifically on the pipelines dind image 25.0.2.
This is reproducible on Data Center: (yes) / (no)
Steps to Reproduce
- Create a Dockerfile that contains an ADD command where the source file is a compressed tar file :
ADD source_path/file.tar.gz /destination_path/
- Build that Dockerfile in Pipelines (docker service version 25.0.2)
- List the permissions of the extracted files. The file owner/group owners will be set as nobody:
6 0.098 -rw-rw-r-- 1 nobody nobody 11359 Feb 23 2022 LICENSE.txt #6 0.098 -rw-rw-r-- 1 nobody nobody 596 Feb 23 2022 NOTICE.txt #6 0.098 -rw-rw-r-- 1 nobody nobody 1581 Feb 23 2022 README.adoc
Expected Results
The files should be maintain the original uid/guid
Actual Results
File owners are replaced with nobody
Workaround
As this only happens for tarfiles automatically extracted by docker when using ADD instructions, replace the instructions with COPY and RUN instead, manually uncompressing the file :
From :
ADD source_path/file.tar.gz /destination_path/
To :
COPY source_path/file.tar.gz /destination_path/ RUN tar -xf /destination_path/file.tar.gz -C /destination_path/ && rm /destination_path/file.tar.gz
| Form Name | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|