fix: handle new output of getpcaps

qoomon · Feb 26, 2021 · 89897b5 · 89897b5
1 parent 6c55b35
commit 89897b5
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 13 deletions.
diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml
@@ -2,7 +2,10 @@ name: Build
 
 on: 
   push:
-  workflow_dispatch:
+    branches:
+      - "*"
+    tags:
+      - "v*"
 
 env:
   DOCKER_BUILDX_PLATFORM: linux/amd64,linux/arm/v7,linux/arm64
@@ -62,17 +65,12 @@ jobs:
         
         if [ "${GITHUB_BRANCH}" ]
         then 
-          if [[ "${GITHUB_BRANCH}" = 'master' ]]
-          then 
-            DOCKER_TAGS=(latest)
-          else 
-            DOCKER_TAGS=(${GITHUB_BRANCH/\//-})
-          fi
+          DOCKER_TAGS=(${GITHUB_BRANCH/\//-})
         elif [[ "$GITHUB_TAG" = v* ]]
         then 
           VERSION=${GITHUB_TAG#v}
           VERSION_PARTS=($(echo $VERSION | tr "." "\n"))
-          DOCKER_TAGS=($VERSION ${VERSION_PARTS[0]})
+          DOCKER_TAGS=(latest $VERSION ${VERSION_PARTS[0]})
         fi
         
         echo "image tag(s):"

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.12
+FROM alpine:3.13
 
 RUN apk --update --no-cache add iptables libcap
 

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -2,17 +2,19 @@
 set -e # exit on error
 
 function checkpcaps {
-  local pid=$1; shift
-  local caps="$(getpcaps $pid 2>&1 | sed 's/^.*=//'),"
-  for cap in "$@"; do [ -z "${caps##*$cap,*}" ] || return 1; done
+  local process_caps="$(getpcaps $$),"
+  for required_cap in "$@"
+  do 
+    echo "$process_caps" | grep -q "${required_cap}," || return 1
+  done
 }
 
 function resolveHost { 
   getent ahostsv4 "$1" | head -n1 | cut -d' ' -f1
 }
 
 # ensure network capabilities
-if ! checkpcaps $$ 'cap_net_admin' 'cap_net_raw'
+if ! checkpcaps 'cap_net_admin' 'cap_net_raw'
 then
   echo "[ERROR] docker-host container needs Linux capabilities NET_ADMIN and NET_RAW"
   echo "  e.g 'docker run --cap-add=NET_ADMIN --cap-add=NET_RAW ...'"