|
|
@@ -112,8 +112,22 @@ def docker_build(dockerfile):
|
|
|
image_id_match = image_id_regex.search(line)
|
|
|
if image_id_match:
|
|
|
image_id, = image_id_match.groups()
|
|
|
- assert not image_id is None
|
|
|
- return image_id
|
|
|
+ assert not image_id is None, 'could not determine image id'
|
|
|
+ return image_id.decode(sys.stdout.encoding)
|
|
|
+
|
|
|
+def docker_run(image_id=None, dockerfile=None, caps=[]):
|
|
|
+ assert image_id is None or dockerfile is None, \
|
|
|
+ 'either pass kwarg image_id or dockerfile'
|
|
|
+ if not image_id:
|
|
|
+ image_id = docker_build(dockerfile)
|
|
|
+ params = ['sudo', 'docker', 'run',
|
|
|
+ '--rm=true', '--interactive=true', '--tty=true',
|
|
|
+ '--cap-drop=all', '--security-opt=no-new-privileges']
|
|
|
+ params.extend(['--cap-add={}'.format(c) for c in caps])
|
|
|
+ params.append(image_id)
|
|
|
+ import shlex
|
|
|
+ print(' '.join([shlex.quote(p) for p in params]))
|
|
|
+ subprocess.run(params, check=True)
|
|
|
|
|
|
def locate(*patterns, match_all=True, ignore_case=True):
|
|
|
params = []
|
