Allow setting of mode in files section

Also keep track of directory creation there, so you can explicitly set directory permissions if required, and to avoid duplicates. We should really keep track of files created elsewhere in the build as well as we still might create some extras, but at least you can set the write permisisons. We can add uid, gid support too if required... Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2025-07-21 10:09:07 +00:00 · 2017-06-08 14:44:02 +01:00 · 2017-06-08 14:44:02 +01:00 · 83c166d3f2
commit 83c166d3f2
parent e0aac90f44
3 changed files with 42 additions and 13 deletions
--- a/cmd/moby/build.go
+++ b/cmd/moby/build.go
@ -518,6 +518,9 @@ func tarAppend(iw *tar.Writer, tr *tar.Reader) error {
 }

 func filesystem(m Moby, tw *tar.Writer) error {
+	// TODO also include the files added in other parts of the build
+	var addedFiles = map[string]bool{}
+
 	if len(m.Files) != 0 {
 		log.Infof("Add files:")
 	}
@ -526,6 +529,27 @@ func filesystem(m Moby, tw *tar.Writer) error {
 		if f.Path == "" {
 			return errors.New("Did not specify path for file")
 		}
+		mode := int64(0600)
+		if f.Directory {
+			mode = 0700
+		}
+		if f.Mode != "" {
+			var err error
+			mode, err = strconv.ParseInt(f.Mode, 8, 32)
+			if err != nil {
+				return fmt.Errorf("Cannot parse file mode as octal value: %v", err)
+			}
+		}
+		dirMode := mode
+		if dirMode&0700 != 0 {
+			dirMode |= 0100
+		}
+		if dirMode&0070 != 0 {
+			dirMode |= 0010
+		}
+		if dirMode&0007 != 0 {
+			dirMode |= 0001
+		}
 		if !f.Directory && f.Contents == "" && f.Symlink == "" {
 			if f.Source == "" {
 				return errors.New("Contents of file not specified")
@ -550,17 +574,20 @@ func filesystem(m Moby, tw *tar.Writer) error {
 			} else {
 				root = root + "/" + p
 			}
+			if !addedFiles[root] {
 				hdr := &tar.Header{
 					Name:     root,
 					Typeflag: tar.TypeDir,
-				Mode:     0700,
+					Mode:     dirMode,
 				}
 				err := tw.WriteHeader(hdr)
 				if err != nil {
 					return err
 				}
+				addedFiles[root] = true
 			}
-
+		}
+		addedFiles[f.Path] = true
 		if f.Directory {
 			if f.Contents != "" {
 				return errors.New("Directory with contents not allowed")
@ -568,7 +595,7 @@ func filesystem(m Moby, tw *tar.Writer) error {
 			hdr := &tar.Header{
 				Name:     f.Path,
 				Typeflag: tar.TypeDir,
-				Mode:     0700,
+				Mode:     mode,
 			}
 			err := tw.WriteHeader(hdr)
 			if err != nil {
@ -578,7 +605,7 @@ func filesystem(m Moby, tw *tar.Writer) error {
 			hdr := &tar.Header{
 				Name:     f.Path,
 				Typeflag: tar.TypeSymlink,
-				Mode:     0600,
+				Mode:     mode,
 				Linkname: f.Symlink,
 			}
 			err := tw.WriteHeader(hdr)
@ -588,7 +615,7 @@ func filesystem(m Moby, tw *tar.Writer) error {
 		} else {
 			hdr := &tar.Header{
 				Name: f.Path,
-				Mode: 0600,
+				Mode: mode,
 				Size: int64(len(f.Contents)),
 			}
 			err := tw.WriteHeader(hdr)
--- a/cmd/moby/config.go
+++ b/cmd/moby/config.go
@ -32,6 +32,7 @@ type Moby struct {
 		Symlink   string
 		Contents  string
 		Source    string
+		Mode      string
 	}
 }

--- a/cmd/moby/schema.go
+++ b/cmd/moby/schema.go
@ -22,7 +22,8 @@ var schema = string(`
          "directory": {"type": "boolean"},
          "symlink": {"type": "string"},
          "contents": {"type": "string"},
-          "source": {"type": "string"}
+          "source": {"type": "string"},
+          "mode": {"type": "string"}
        }
    },
    "files": {