Docker Tip #86: Always Make Your ENTRYPOINT Scripts Executable
There's a number of ways for files to lose certain permission bits in transit, such as unzipping it with certain unzip uilities.
When setting up an ENTRYPOINT you might do something like this in your Dockerfile:
COPY . .
ENTRYPOINT ["/app/docker-entrypoint.sh"]
But if you do that, you’re depending on the box building the image to ensure
the docker-entrypoint.sh file is already executable. That might not be the
case if that permission bit got lost in transit when the file made its way to
the file system.
When that happens, your container will fail to run because the script won’t be executable.
You can protect yourself against the above by adding 1 more instruction:
COPY . .
RUN chmod +x docker-entrypoint.sh
ENTRYPOINT ["/app/docker-entrypoint.sh"]
Now your ENTRYPOINT will always be executable and it will for sure work on all platforms without having to worry about Windows losing the permission, certain unzip utilities stripping it out or anything else.
Of course it does add 1 more layer to your image for that RUN command but
that’s the price to pay for robustness! It’s a trade off I’ll make every time
and it’s what I do in my own projects, such as in my open source Build a SAAS
app with Flask project.