英文:
Is it possible to copy files from a manifest or whitelist in a Dockerfile?
问题
Docker支持使用.dockerignore
文件来排除COPY
命令中的文件。我所要找的是相反的操作:一种从清单中白名单或复制文件的方式。
可以通过运行以下命令来创建这样的清单:
git ls-files > files-to-include.txt
Dockerfile语法是否支持这样的功能?还是有其他方法可以实现相同的结果?
英文:
I know that docker supports a .dockerignore
file to exclude files for COPY
commands. What I am looking for is opposite: a way to whitelist or copy files from a manifest.
One can create such a manifest by running:
git ls-files > files-to-include.txt
Does the Dockerfile syntax support such feature? Or is there another way to get the same result?
答案1
得分: 1
以下是已翻译的内容:
没有内置的方法来实现这一点。但是,通过一些小的修改,你可以创建一个"反向dockerignore文件",就像这样:
include.sh
#!/usr/bin/env sh
FILE=.dockerignore
# 添加git索引文件
git ls-files > $FILE
# 在每一行前面添加NOT符号以保留
sed -i 's/^/!/' $FILE
# 在文件中添加*作为第一行
sed -i '1s/^/*\n&/' $FILE
.dockerignore
结果类似于以下内容:
*
!.dockerignore
!.gitignore
!Dockerfile
!LICENSE
!README.md
!bin/action.sh
!bin/commitlint
!commitlint-plugin-tense/blacklist.txt
!commitlint-plugin-tense/index.js
!commitlint-plugin-tense/index.test.js
!commitlint-plugin-tense/package-lock.json
!commitlint-plugin-tense/package.json
!commitlint.config.js
!package.json
!yarn.lock
结论
第一行的 *
忽略所有文件。前缀为 !
的每个后续行告诉 Docker 不要忽略给定的文件。结果基本上是一个要在 Dockerfile
中使用 COPY
指令添加的文件白名单。需要注意的主要事项是,当添加或删除文件时,此文件可能会迅速过时,需要不断维护。
英文:
There is no built-in way to do this. However, with a little hacking you can create an "inverse dockerignore file" like this:
include.sh
#!/usr/bin/env sh
FILE=.dockerignore
# add git indexed files
git ls-files > $FILE
# add NOT symbol in front of each line to keep
sed -i 's/^/!/' $FILE
# add * as the first line in the file
sed -i '1s/^/*\n&/' $FILE
.dockerignore
The result is something like this:
*
!.dockerignore
!.gitignore
!Dockerfile
!LICENSE
!README.md
!bin/action.sh
!bin/commitlint
!commitlint-plugin-tense/blacklist.txt
!commitlint-plugin-tense/index.js
!commitlint-plugin-tense/index.test.js
!commitlint-plugin-tense/package-lock.json
!commitlint-plugin-tense/package.json
!commitlint.config.js
!package.json
!yarn.lock
Conclusion
The first line *
ignores all files. Each subsequent line in the prefixed with !
tells Docker to NOT ignore the given file. The result is essentially a whitelist of files to add using COPY
directive in a Dockerfile
. The main thing to watch out for is that this file can quickly become obsolete when adding or removing files and would have to be constantly maintained.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论