Skip to content

Commit c6febe4

Browse files
LappihuanLappihuan
committed
Refactor kubetap-entrypoint.sh and Dockerfile to ensure .mitmproxy directory is created with proper permissions before copying the config file
1 parent e3db5c7 commit c6febe4

File tree

2 files changed

+14
-13
lines changed

2 files changed

+14
-13
lines changed

proxies/mitmproxy/Dockerfile

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,11 +8,13 @@ RUN apt-get update && \
88

99
# HACK: the security context of the injected pod could be run as any user, therefore
1010
# all users must be able to write to the directory.
11-
RUN chmod -R 777 /home/mitmproxy/.mitmproxy/
11+
# Ensure the directory exists and is world-writable
12+
RUN mkdir -p /home/mitmproxy/.mitmproxy && \
13+
chmod -R 777 /home/mitmproxy/.mitmproxy/
1214

1315
# Hijack the mitmproxy entrypoint (docker-entrypoint.sh) so that
1416
# configuration can be built from within the container using the
1517
# kubetap binary.
1618

1719
COPY kubetap-entrypoint.sh /usr/local/bin/
18-
ENTRYPOINT ["kubetap-entrypoint.sh"]
20+
ENTRYPOINT ["kubetap-entrypoint.sh"]

proxies/mitmproxy/kubetap-entrypoint.sh

Lines changed: 10 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -4,18 +4,17 @@ set -o errexit
44
set -o pipefail
55
set -o nounset
66

7-
# HACK: this fixes permission issues
8-
# Ensure the .mitmproxy directory exists and is writable
9-
if [ -d /home/mitmproxy/.mitmproxy ] && [ -w /home/mitmproxy/.mitmproxy ]; then
10-
# Only copy the config file if it exists and we have read access
11-
if [ -f /home/mitmproxy/config/config.yaml ] && [ -r /home/mitmproxy/config/config.yaml ]; then
12-
cp /home/mitmproxy/config/config.yaml /home/mitmproxy/.mitmproxy/config.yaml
13-
echo "Config file copied to /home/mitmproxy/.mitmproxy/config.yaml" >&2
14-
else
15-
echo "Warning: Config file not found or not readable at /home/mitmproxy/config/config.yaml" >&2
16-
fi
7+
# Ensure the .mitmproxy directory exists with proper permissions
8+
mkdir -p /home/mitmproxy/.mitmproxy
9+
chmod 777 /home/mitmproxy/.mitmproxy
10+
11+
# Copy the config file if it exists and is readable
12+
if [ -f /home/mitmproxy/config/config.yaml ] && [ -r /home/mitmproxy/config/config.yaml ]; then
13+
cp /home/mitmproxy/config/config.yaml /home/mitmproxy/.mitmproxy/config.yaml
14+
chmod 666 /home/mitmproxy/.mitmproxy/config.yaml
15+
echo "Config file copied to /home/mitmproxy/.mitmproxy/config.yaml" >&2
1716
else
18-
echo "Warning: .mitmproxy directory not found or not writable" >&2
17+
echo "Warning: Config file not found or not readable at /home/mitmproxy/config/config.yaml" >&2
1918
fi
2019

2120
prog="${1}"

0 commit comments

Comments
 (0)