Docker Tip #86: Always Make Your ENTRYPOINT Scripts Executable
There's a number of ways for files to lose certain permission bits in transit, such as unzipping it with certain unzip uilities.
When setting up an ENTRYPOINT you might do something like this in your Dockerfile:
COPY . . ENTRYPOINT ["/app/docker-entrypoint.sh"]
But if you do that, you’re depending on the box building the image to ensure the
docker-entrypoint.sh file is already executable. That might not be the case if that permission bit got lost in transit when the file made its way to the file system.
When that happens, your container will fail to run because the script won’t be executable.
You can protect yourself against the above by adding 1 more instruction:
COPY . . RUN chmod +x docker-entrypoint.sh ENTRYPOINT ["/app/docker-entrypoint.sh"]
Now your ENTRYPOINT will always be executable and it will for sure work on all platforms without having to worry about Windows losing the permission, certain unzip utilities stripping it out or anything else.
Of course it does add 1 more layer to your image for that
RUN command but that’s the price to pay for robustness! It’s a trade off I’ll make every time and it’s what I do in my own projects, such as in my open source Build a SAAS app with Flask project.