Use podman instead of docker.
This commit is contained in:
Stephane Gourichon
@@ -18,9 +18,9 @@ while IFS="" read -u 3 -r SERVICE_PATH
|
||||
do
|
||||
pushd "${SERVICE_PATH%/*}"
|
||||
pwd
|
||||
docker-compose pull || { fail_one "pull" ; continue ; }
|
||||
docker-compose build --no-cache || { fail_one "build" ; continue ; }
|
||||
docker-compose up -d || { fail_one "switch to newly built container" ; continue ; }
|
||||
podman-compose pull || { fail_one "pull" ; continue ; }
|
||||
podman-compose build --no-cache || { fail_one "build" ; continue ; }
|
||||
podman-compose up -d || { fail_one "switch to newly built container" ; continue ; }
|
||||
|
||||
popd
|
||||
done 3< <( find . -iname "compose.yaml" )
|
||||
|
||||
@@ -24,7 +24,7 @@ CONTAINER_IDS=( "$@" )
|
||||
if [[ "${#CONTAINER_IDS[@]}" == 0 ]]
|
||||
then
|
||||
echo "No container ID supplied on command line, doing them all."
|
||||
mapfile -t CONTAINER_IDS < <( docker ps --format "{{.ID}}" )
|
||||
mapfile -t CONTAINER_IDS < <( podman ps --format "{{.ID}}" )
|
||||
fi
|
||||
|
||||
RC=0
|
||||
@@ -36,7 +36,7 @@ for CONTAINER_ID in "${CONTAINER_IDS[@]}"
|
||||
do
|
||||
echo "Processing $CONTAINER_ID"
|
||||
TMPFILE=$(mktemp)
|
||||
docker exec -u root $CONTAINER_ID bash -c "export LC_ALL=C ; apt-get update ; apt-get upgrade -y --dry-run" | tee $TMPFILE
|
||||
podman exec -u root $CONTAINER_ID bash -c "export LC_ALL=C ; apt-get update ; apt-get upgrade -y --dry-run" | tee $TMPFILE
|
||||
trap "rm $TMPFILE" EXIT
|
||||
if grep "0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded." $TMPFILE
|
||||
then
|
||||
@@ -44,13 +44,13 @@ do
|
||||
continue
|
||||
fi
|
||||
|
||||
PATH_OF_CONTAINER="$( docker inspect --format='{{ index .Config.Labels "com.docker.compose.project.working_dir" }}' $CONTAINER_ID )"
|
||||
NAME_OF_CONTAINER="$( docker inspect --format='{{ .Name }}' $CONTAINER_ID )"
|
||||
PATH_OF_CONTAINER="$( podman inspect --format='{{ index .Config.Labels "com.docker.compose.project.working_dir" }}' $CONTAINER_ID )"
|
||||
NAME_OF_CONTAINER="$( podman inspect --format='{{ .Name }}' $CONTAINER_ID )"
|
||||
|
||||
echo "IMPORTANT: building a new, up-to-date, container $NAME_OF_CONTAINER from $PATH_OF_CONTAINER"
|
||||
|
||||
cd $PATH_OF_CONTAINER
|
||||
docker-compose --no-ansi pull || { fail_one "pull" ; continue ; }
|
||||
docker-compose --no-ansi build --no-cache || { fail_one "build" ; continue ; }
|
||||
docker-compose --no-ansi up -d || { fail_one "switch to newly built container" ; continue ; }
|
||||
podman-compose --no-ansi pull || { fail_one "pull" ; continue ; }
|
||||
podman-compose --no-ansi build --no-cache || { fail_one "build" ; continue ; }
|
||||
podman-compose --no-ansi up -d || { fail_one "switch to newly built container" ; continue ; }
|
||||
done
|
||||
|
||||
@@ -22,7 +22,7 @@ function is_user_conforming()
|
||||
|
||||
find $THD -not -user $TUN | grep . && { echo >&2 "Files not owned by user $TUN in $THD" ; return 6 ; }
|
||||
|
||||
id -nGz $TUN | grep -qzxF "docker" || { echo >&2 "User not in docker group" ; return 7 ; }
|
||||
# id -nGz $TUN | grep -qzxF "docker" || { echo >&2 "User not in docker group" ; return 7 ; } # not needed with podman
|
||||
|
||||
echo "All correct"
|
||||
return 0
|
||||
@@ -38,7 +38,7 @@ then
|
||||
fi
|
||||
adduser --$ADDUSER_OPT "Dedicated user for gourichon infrastructure" --disabled-password --home $THD --gecos "" $TUN
|
||||
|
||||
adduser $TUN docker
|
||||
# adduser $TUN docker # not needed with podman
|
||||
|
||||
mkdir -p $THD/.ssh
|
||||
chmod 700 $THD/.ssh
|
||||
|
||||
Reference in New Issue
Block a user