You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Before describing my question, I would like to thank you for this tool. It is really helpful for ensuring system stability with Docker containers when you need to expect that a container might become unhealthy in production.
I am wondering what the reason for the if/else in the docker-entrypoint file in lines 130 and 178 is.
If autoheal is passed as first parameter, the entrypoint does the container checking and restarting. But if something else is provided, it is just passed to exec in line 179.
I can see, that there might be use cases for this (passing another command to the container for test purpose). But I question whether this is really a good decision security-wise for a container that gets access to the Docker socket in production.
Is there something I'm missing here or is this line really just for ease of testing by providing another command to the container?
Thanks in advance!
The text was updated successfully, but these errors were encountered:
Before describing my question, I would like to thank you for this tool. It is really helpful for ensuring system stability with Docker containers when you need to expect that a container might become unhealthy in production.
I am wondering what the reason for the if/else in the docker-entrypoint file in lines 130 and 178 is.
If
autohealis passed as first parameter, the entrypoint does the container checking and restarting. But if something else is provided, it is just passed toexecin line 179.I can see, that there might be use cases for this (passing another command to the container for test purpose). But I question whether this is really a good decision security-wise for a container that gets access to the Docker socket in production.
Is there something I'm missing here or is this line really just for ease of testing by providing another command to the container?
Thanks in advance!
The text was updated successfully, but these errors were encountered: