• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Question How may I run docker commands in Deploy actions of Git?

M

Marchiuz

New Pleskian
Server operating system version
AlmaLinux 8.4 x86_64
Plesk version and microupdate number
Plesk Obsidian 18.0.41.1
From what I understand, the deployment actions are performed in some specific chroot environment, how may I allow this environment to run docker commands? Docker is in /usr/bin
 
Still looking for an answer for this. It seems like a pretty common task - to run additional commands after deployment, how come there's so little information about it?
 
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
 
Strangelove said:
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
Click to expand...
Thanks for suggestions.
This doesn't sound like a safe option, shouldn't there be a more standard way of doing this, having in mind that this is probably quite a casual task?
 
Not quite casual, when containers are ran as root by default.

Nonetheless, you can deploy a container manually as non-root user:
docs.docker.com

Rootless mode

Run the Docker daemon as a non-root user (Rootless mode)
docs.docker.com docs.docker.com

I'd recommend testing that scenario on a staging server first.
 
You must log in or register to reply here.

Similar threads

M
Resolved How to configure Plesk databases to allow access from Plesk docker container
Replies
6
Views
1K
milanbx
M
I
Question how to reach docker container with opensearch?
Replies
0
Views
161
Isolde
I
Zéfyx
Issue Git - additional deploy actions : Limited access to binaries [Git extension bug: EXTGIT-22]
Replies
2
Views
2K
Zéfyx
Zéfyx
M
Question How to configure phpMyAdmin config.inc.php properly to connect to other DB servers in Docker container
Replies
0
Views
390
milanbx
M
D
Issue Installing Rocket Chat in Plesk with Docker using tutorial, need an answer.
2
Replies
33
Views
7K
David Borrink
D
Back
Top