Docker executor does not run shell detection script when Docker ENTRYPOINT exists
Summary
When investigating #4125 (closed), I discovered that when a Docker image has an entrypoint defined, the shell detection script is ignored when the Docker executor is used.
Steps to reproduce
-
use the Dockerfile and CI job in (minimal project)[https://gitlab.com/therisen06/entrypoint-debug]
-
In https://gitlab.com/gitlab-org/gitlab-runner/-/blob/main/shells/bash.go#L18-37, add an echo into the bash detection script like this:
const BashDetectShellScript = `echo "bash detection running"
if [ -x /usr/local/bin/bash ]; then
exec /usr/local/bin/bash $@
elif [ -x /usr/bin/bash ]; then
exec /usr/bin/bash $@
elif [ -x /bin/bash ]; then
exec /bin/bash $@
elif [ -x /usr/local/bin/sh ]; then
exec /usr/local/bin/sh $@
elif [ -x /usr/bin/sh ]; then
exec /usr/bin/sh $@
elif [ -x /bin/sh ]; then
exec /bin/sh $@
elif [ -x /busybox/sh ]; then
exec /busybox/sh $@
else
echo shell not found
exit 1
fi
-
build and run runner locally
-
in the job logs, observe that
bash detection runningdoes not show up. ex: https://gitlab.com/jcaigitlab/helloworld/-/jobs/1493376623 -
repeat steps 1 - 4 except remove the entrypoint in the Dockerfile, observe that the log does show up. ex: https://gitlab.com/jcaigitlab/helloworld/-/jobs/1493370779
<!--
Please add the definition of the job from `.gitlab-ci.yml` that is failing
inside of the code blocks (```) below.
-->
<details>
<summary> .gitlab-ci.yml </summary>
```yml
Add the job definition that is failing hereActual behavior
When a Dockerfile has an entrypoint defined, the bash detection script does not run
Expected behavior
Even if a Dockerfile has an entrypoint deined, the bash detection script should run
job log with Dockerfile with an entrypoint:
[0KRunning with gitlab-runner development version (HEAD)[0;m
[0K on docker EqNv5QKx[0;m
section_start:1628630087:resolve_secrets
[0K[0K[36;1mResolving secrets[0;m[0;m
section_end:1628630087:resolve_secrets
[0Ksection_start:1628630087:prepare_executor
[0K[0K[36;1mPreparing the "docker" executor[0;m[0;m
[0KUsing Docker executor with image registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest ...[0;m
[0KAuthenticating with credentials from /Users/johncai/.docker/config.json[0;m
[0KPulling docker image registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest ...[0;m
[0KUsing docker image sha256:830a381fc972ab889b93e371b2f12e623f1714fd35e02ec54a010703979584d9 for registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest with digest registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug@sha256:75f59b60e8e4fd147360e93e1acf5f2c042d1081923a0d22c572621117a03295 ...[0;m
section_end:1628630089:prepare_executor
[0Ksection_start:1628630089:prepare_script
[0K[0K[36;1mPreparing environment[0;m[0;m
Running on runner-eqnv5qkx-project-28145097-concurrent-0 via Johns-MacBook-Pro-3.local...
section_end:1628630089:prepare_script
[0Ksection_start:1628630089:get_sources
[0K[0K[36;1mGetting source from Git repository[0;m[0;m
[32;1mFetching changes with git depth set to 50...[0;m
Reinitialized existing Git repository in /builds/jcaigitlab/helloworld/.git/
[32;1mChecking out fdf425e8 as entrypoint-debug...[0;m
[32;1mSkipping Git submodules setup[0;m
section_end:1628630090:get_sources
[0Ksection_start:1628630090:step_script
[0K[0K[36;1mExecuting "step_script" stage of the job script[0;m[0;m
[0KUsing docker image sha256:830a381fc972ab889b93e371b2f12e623f1714fd35e02ec54a010703979584d9 for registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest with digest registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug@sha256:75f59b60e8e4fd147360e93e1acf5f2c042d1081923a0d22c572621117a03295 ...[0;m
this is a custom entrypoint running
[32;1m$ whoami[0;m
nobody
[32;1m$ ls -lart /tmp[0;m
total 12
-rw-r--r-- 1 root root 38 Aug 10 21:14 debug.log
drwxr-xr-x 1 root root 4096 Aug 10 21:14 ..
drwxrwxrwt 1 root root 4096 Aug 10 21:14 .
[32;1m$ cat /tmp/debug.log[0;m
this has been executed as user:
root
[32;1m$ date +%s[0;m
1628630091
section_end:1628630091:step_script
[0Ksection_start:1628630091:cleanup_file_variables
[0K[0K[36;1mCleaning up file based variables[0;m[0;m
section_end:1628630092:cleanup_file_variables
[0K[32;1mJob succeeded[0;mjob log with Dockerfile w/out an entrypoint:
[0KRunning with gitlab-runner development version (HEAD)[0;m
[0K on docker EqNv5QKx[0;m
section_start:1628629912:resolve_secrets
[0K[0K[36;1mResolving secrets[0;m[0;m
section_end:1628629912:resolve_secrets
[0Ksection_start:1628629912:prepare_executor
[0K[0K[36;1mPreparing the "docker" executor[0;m[0;m
[0KUsing Docker executor with image registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest ...[0;m
[0KAuthenticating with credentials from /Users/johncai/.docker/config.json[0;m
[0KPulling docker image registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest ...[0;m
[0KUsing docker image sha256:1b605cc5c181cbe769aec05993f82e18119d4f8e1b1e1bbafc11285fbfe35e82 for registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest with digest registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug@sha256:b5cb423a19749aea157b63b062ad6860b737fbd848593e3a86f23fbe9bb59155 ...[0;m
section_end:1628629914:prepare_executor
[0Ksection_start:1628629914:prepare_script
[0K[0K[36;1mPreparing environment[0;m[0;m
Running on runner-eqnv5qkx-project-28145097-concurrent-0 via Johns-MacBook-Pro-3.local...
section_end:1628629915:prepare_script
[0Ksection_start:1628629915:get_sources
[0K[0K[36;1mGetting source from Git repository[0;m[0;m
[32;1mFetching changes with git depth set to 50...[0;m
Reinitialized existing Git repository in /builds/jcaigitlab/helloworld/.git/
[32;1mChecking out fdf425e8 as entrypoint-debug...[0;m
[32;1mSkipping Git submodules setup[0;m
section_end:1628629916:get_sources
[0Ksection_start:1628629916:step_script
[0K[0K[36;1mExecuting "step_script" stage of the job script[0;m[0;m
[0KUsing docker image sha256:1b605cc5c181cbe769aec05993f82e18119d4f8e1b1e1bbafc11285fbfe35e82 for registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug:latest with digest registry.gitlab.com/jcaigitlab/helloworld/entrypoint-debug@sha256:b5cb423a19749aea157b63b062ad6860b737fbd848593e3a86f23fbe9bb59155 ...[0;m
this is bash detection
[32;1m$ whoami[0;m
root
[32;1m$ ls -lart /tmp[0;m
total 8
drwxrwxrwt 2 root root 4096 Jun 15 14:34 .
drwxr-xr-x 1 root root 4096 Aug 10 21:11 ..
[32;1m$ cat /tmp/debug.log[0;m
cat: can't open '/tmp/debug.log': No such file or directory
section_end:1628629917:step_script
[0Ksection_start:1628629917:cleanup_file_variables
[0K[0K[36;1mCleaning up file based variables[0;m[0;m
section_end:1628629917:cleanup_file_variables
[0K[31;1mERROR: Job failed: exit code 1[0;mEdited by John Cai