Discussion about ENTRYPOINT and CMD. (#12)

Author: tetron

CommandLineTool.yml

@@ -701,8 +701,9 @@ $graph:
   extends: ProcessRequirement
   doc: |
     Indicates that a workflow component should be run in a
-    [Docker](http://docker.com) container, and specifies how to fetch or build
-    the image.
+    [Docker](http://docker.com) or Docker-compatible (such as
+    [Singularity](https://www.sylabs.io/) and [udocker](https://github.com/indigo-dc/udocker)) container environment and
+    specifies how to fetch or build the image.
 
     If a CommandLineTool lists `DockerRequirement` under
     `hints` (or `requirements`), it may (or must) be run in the specified Docker
@@ -727,6 +728,22 @@ $graph:
     generated command line represents a valid command within the runtime
     environment of the container.
 
+    A container image may specify an
+    [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint)
+    and/or
+    [CMD](https://docs.docker.com/engine/reference/builder/#cmd).
+    Command line arguments will be appended after all elements of
+    ENTRYPOINT, and will override all elements specified using CMD (in
+    other words, CMD is only used when the CommandLineTool definition
+    produces an empty command line).
+
+    Use of implicit ENTRYPOINT or CMD are discouraged due to reproducibility
+    concerns of the implicit hidden execution point (For further discussion, see 
+    [https://doi.org/10.12688/f1000research.15140.1](https://doi.org/10.12688/f1000research.15140.1)). Portable 
+    CommandLineTool wrappers in which use of a container is optional must not rely on ENTRYPOINT or CMD.  
+    CommandLineTools which do rely on ENTRYPOINT or CMD must list `DockerRequirement` in the
+    `requirements` section.
+
     ## Interaction with other requirements
 
     If [EnvVarRequirement](#EnvVarRequirement) is specified alongside a