• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Question How may I run docker commands in Deploy actions of Git?

M

Marchiuz

New Pleskian
Server operating system version
AlmaLinux 8.4 x86_64
Plesk version and microupdate number
Plesk Obsidian 18.0.41.1
From what I understand, the deployment actions are performed in some specific chroot environment, how may I allow this environment to run docker commands? Docker is in /usr/bin
 
Still looking for an answer for this. It seems like a pretty common task - to run additional commands after deployment, how come there's so little information about it?
 
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
 
Strangelove said:
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
Click to expand...
Thanks for suggestions.
This doesn't sound like a safe option, shouldn't there be a more standard way of doing this, having in mind that this is probably quite a casual task?
 
Not quite casual, when containers are ran as root by default.

Nonetheless, you can deploy a container manually as non-root user:
docs.docker.com

Rootless mode

Run the Docker daemon as a non-root user (Rootless mode)
docs.docker.com docs.docker.com

I'd recommend testing that scenario on a staging server first.
 
You must log in or register to reply here.

Similar threads

Zéfyx
Issue Git - additional deploy actions : Limited access to binaries [Git extension bug: EXTGIT-22]
Replies
2
Views
2K
Zéfyx
Zéfyx
D
Issue Installing Rocket Chat in Plesk with Docker using tutorial, need an answer.
2
Replies
33
Views
6K
David Borrink
D
M
Question How to run git commands on plesk?
Replies
1
Views
1K
havi5
havi5
D
Issue Installing Mattermost via Docker in Plesk - issues with containers
2
Replies
21
Views
13K
David Borrink
D
T
Question Redis on server vs Docker container
Replies
4
Views
2K
Kaspar@Plesk
Kaspar@Plesk
Back
Top