I have a Dockerfile with the following content:
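# Image for the "pa" application: Amazon Linux base with Python 3.8, nginx,
# supervisor and the PostgreSQL/MariaDB client libraries, plus a virtualenv
# holding the app's Python dependencies.
#
# NOTE(review): ":latest" is a mutable tag, so two builds of this file can
# produce different images. Pin a specific tag or an @sha256 digest of the
# private base image so builds are reproducible and auditable.
FROM 2.dkr.ecr.us-east-1.amazonaws.com/pa-amazonlinux:latest
# FROM amazonlinux:2

# Install core packages. The yum cache is dropped in the same layer so it is
# not carried in the image.
# NOTE(review): gcc, git and the -devel packages remain in the runtime image;
# a multi-stage build would keep the compiler toolchain out of it.
RUN yum update -y && \
    amazon-linux-extras install -y python3.8 postgresql14 nginx1 epel && \
    yum install -y gcc git openldap-devel openssl-devel crontabs python38-devel mariadb-devel supervisor which tar python2-requests && \
    yum clean all

# Install extra packages.
RUN yum install -y libpq-devel libaio && \
    yum clean all

# NOTE(review): Docker does not expand "~" in ENV; the entry is stored
# literally, so whether it resolves depends on the program doing the PATH
# lookup. An absolute path would be unambiguous.
ENV PATH="$PATH:~/.local/bin"

#RUN useradd -ms /bin/bash gitlab-runner
#RUN usermod -aG wheel gitlab-runner

WORKDIR /app/pa

# Copy over our source code.
# NOTE(review): this copies the whole build context; use a .dockerignore to
# keep .git, .env files and any credentials out of the image layers.
COPY . /app/pa/

# Copy over configuration.
COPY nginx.conf /etc/nginx/

# Create the directories used by the app and hand them to gitlab-runner in a
# single layer. "mkdir -p" also tolerates a directory that already exists, and
# one recursive chown of /var/www covers /var/www/pa as well.
# NOTE(review): the useradd above is commented out, so the gitlab-runner
# account presumably comes from the base image; if it does not, this step
# fails the build.
RUN mkdir -p /var/log/pa /var/www/pa /virtualenvs && \
    chown -R gitlab-runner:gitlab-runner /var/log/pa /var/www /virtualenvs

# Set up the virtual environment for the app. Calling the venv's own pip
# installs into the venv without relying on the bash-only "source" builtin.
# NOTE(review): this runs after the chown above, so the files created here
# belong to the build user (root unless the base image sets USER), not to
# gitlab-runner.
RUN python3.8 -m venv /virtualenvs/pa && \
    /virtualenvs/pa/bin/pip install --no-cache-dir -r requirements/base.txt

# Refresh the linker cache, make the entrypoint executable for its owner and
# write the sysconfig network flag.
RUN ldconfig && \
    chmod u+x docker_entrypoint.sh && \
    echo "NETWORKING=yes" > /etc/sysconfig/network

# NOTE(review): there is no USER instruction in this file, so the container
# starts as whatever user the base image defines (root by default). Any
# privilege drop has to happen in the entrypoint or the task definition.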
I am creating my ECS task, and the content of docker_entrypoint.sh is:
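# Container entrypoint: sets up CloudWatch logging, installs and registers a
# GitLab runner (shell executor), then starts supervisord and nginx.
# The commands below (yum install, useradd, writes under /etc) need root, so
# this script is presumably started as root.
NAME="maestro_ecs"
echo "$ENVIRONMENT"
# NOTE(review): the Dockerfile shown with this script uses /app/pa and
# /virtualenvs/pa; confirm the platform_analytics paths used here exist in
# the image.
DJANGODIR=/app/platform_analytics
service=ecs
echo "Starting $NAME as $(whoami)"
tag_filter="ma-ecs-${ENVIRONMENT}"
# Paging parameters for the runner-list API call below; only this first page
# is ever requested.
page=1
per_page=100

# NOTE(review): this appends every environment variable except those matching
# "no_proxy" to /etc/environment. If the GitLab tokens used further down are
# passed to the task as environment variables, they end up in that file in
# clear text, readable by the CI jobs this runner executes. Write only the
# variables that are actually needed.
printenv | grep -v "no_proxy" >> /etc/environment

# Stop here if the app directory is missing rather than running the remaining
# steps from the wrong directory.
cd "$DJANGODIR" || exit 1

# awslogs installation
echo -e "log_group_name = /ecs/ma-$ENVIRONMENT" >> awslogs.conf
echo "Setting up awslogs"
echo -e "Amazon Linux AMI\n$(cat /etc/issue)" > /etc/issue
# NOTE(review): both files come from an unpinned "latest" location and are run
# as the current user with no integrity check. -f keeps an HTTP error page
# from being saved and then handed to python; baking a pinned, checksummed
# copy into the image at build time would be safer still.
curl -f https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O
curl -f https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/AgentDependencies.tar.gz -O
tar xvf AgentDependencies.tar.gz -C /tmp/
python ./awslogs-agent-setup.py --region us-east-1 --dependency-path /tmp/AgentDependencies -c awslogs.conf -n

echo "Setting up virtual environment"
source /virtualenvs/platform_analytics/bin/activate
python manage.py collectstatic --noinput

echo "starting gitlab-runner installation"
# NOTE(review): installing packages on every container start makes startup
# depend on the network and on whatever version is current; wget and jq could
# be installed in the Dockerfile instead.
yum install wget -y
yum install jq -y
echo "starting wget installation"
# NOTE(review): unpinned "latest" runner binary, downloaded and made
# executable with no checksum or signature verification. Pin a release and
# verify it, or install it at image build time.
wget -O /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64
chmod +x /usr/local/bin/gitlab-runner

echo "unregister all active runners"
gitlab-runner unregister --all-runners

# Remove runners left registered by containers that no longer exist.
# NOTE(review): the query filters by tag only, with no status filter, so every
# runner carrying this tag is deleted, not just offline ones; confirm that is
# intended. The token is also passed on the command line, where it is visible
# in the process list while curl runs.
offline_runners=$(curl -s --header "PRIVATE-TOKEN:${gitlab_runner_api_access_token}" "${GitlabRunnerUrl}api/v4/runners?tag_list=${tag_filter}&page=${page}&per_page=${per_page}" | jq -r '.[] | .id')
# Iterate over each returned runner id and remove it. The expansion is left
# unquoted on purpose so the newline-separated ids split into separate words.
for runner_id in $offline_runners; do
    echo "Removing runner ID: ${runner_id}"
    curl -s --header "PRIVATE-TOKEN:${gitlab_runner_api_access_token}" --request DELETE "${GitlabRunnerUrl}api/v4/runners/${runner_id}"
done

# NOTE(review): this makes gitlab-runner the owner of everything under /etc,
# including account and service configuration. With a shell executor, CI jobs
# run as that user, so any job could rewrite those files. Grant ownership only
# on the specific files the runner needs. This line also runs before the
# useradd below; if the account does not already exist in the image, the
# chown fails and the script simply continues.
chown -R gitlab-runner:gitlab-runner /etc
useradd --comment 'GitLab Runner' --create-home gitlab-runner --shell /bin/bash
# NOTE(review): membership of the root group widens what CI jobs can read and
# write; prefer a dedicated group that owns only the resources required.
usermod -aG root gitlab-runner
mkdir /opt/gitlab
/usr/local/bin/gitlab-runner install --user gitlab-runner --working-directory=/opt/gitlab
/usr/local/bin/gitlab-runner start
# NOTE(review): with "--executor shell", jobs run directly inside this
# container as gitlab-runner. The --docker-* options configure the docker
# executor and presumably have no effect here. Expansions are quoted so a
# value containing spaces cannot split into extra arguments.
/usr/local/bin/gitlab-runner register \
    --non-interactive \
    --url "${GitlabRunnerUrl}" \
    --registration-token "${GitlabRunnerTokenForService}" \
    --executor shell \
    --name "${GitlabRunnerName}" \
    --docker-pull-policy always \
    --locked=false \
    --run-untagged=false \
    --docker-privileged=true \
    --limit 1 \
    --tag-list "${GitlabRunnerName}"
/usr/local/bin/gitlab-runner restart
chown gitlab-runner /opt/gitlab
# NOTE(review): mode 777 makes both trees world-writable, including the
# application code under /app that nginx and the supervisord programs serve or
# execute. Ownership by gitlab-runner, or a shared group with 775/750, gives
# the runner access without opening the files to every user.
chmod -R 777 /opt/gitlab
chmod -R 777 /app/

echo "Starting supervisord"
# Runs as a background process, started by the user running this script.
# NOTE(review): whether a non-root user can use supervisorctl is decided by
# the control socket's permissions, which are set by the chmod/chown options
# in the [unix_http_server] section of supervisord.conf (not visible here).
# Adjusting those is narrower than adding the user to the root group.
supervisord &
echo "Starting nginx as foreground"
# NOTE(review): nginx stays in the foreground only if nginx.conf sets
# "daemon off;" -- confirm; otherwise it forks, the script reaches the final
# echo and exits.
nginx
#
echo "Forever nginx"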
I want to run commands like supervisorctl on my gitlab-runner, but I get "permission denied". I tried installing supervisor as the gitlab-runner user, but it says I need to be root to install software.
I am not able to find a workaround to run supervisorctl, as I cannot be root during deployment.
Please help.