feat(database-dump-via-docker-sock): 支持指定容器内执行命令的用户

2025-09-23 15:04:51 +08:00
parent adfa640822
commit 055b8ad63e
2 changed files with 49 additions and 9 deletions
--- a/docker-exec-via-sock.sh
+++ b/docker-exec-via-sock.sh
@@ -21,13 +21,14 @@ log_stream() {

 print_usage() {
  cat <<EOF >&2
-Usage: $0 [--socket=PATH] [--api-version=VERSION] --container=NAME --cmd=COMMAND
+Usage: $0 [--socket=PATH] [--api-version=VERSION] --container=NAME --cmd=COMMAND [--user=NAME]

 Options:
  --socket=PATH           Docker Engine unix socket path (default: /var/run/docker.sock)
  --api-version=VERSION   Docker API version (default: v1.51)
  --container=NAME        Container name to execute command in
  --cmd=COMMAND           Command to execute in the container
+  --user=NAME             Run command as the specified user (default: container default user)
  --shell=SHELL           Shell to use (default: sh) 暂未实现
  --help                  Show this help message
 EOF
@@ -37,6 +38,7 @@ DOCKER_SOCKET="/var/run/docker.sock"
 DOCKER_API_VERSION="v1.51"
 CONTAINER_NAME=""
 CMD_TO_EXEC=""
+EXEC_USER=""
 DOCKER_LAST_RESPONSE=""

 require_command() {
@@ -55,13 +57,13 @@ missing_value() {
 docker_exec_create() {
  docker_exec_create_desc=$1
  docker_exec_create_cmd=$2
-  docker_exec_create_payload=$(jq -n --arg cmd "$docker_exec_create_cmd" '{
+  docker_exec_create_payload=$(jq -n --arg cmd "$docker_exec_create_cmd" --arg user "$EXEC_USER" '{
    AttachStdin: false,
    AttachStdout: true,
    AttachStderr: true,
    Tty: true,
    Cmd: ["sh", "-c", $cmd]
-  }')
+  } | if ($user | length) > 0 then .User = $user else . end)

  DOCKER_LAST_RESPONSE=$(curl --silent --show-error --unix-socket "$DOCKER_SOCKET" \
    -X POST \
@@ -141,6 +143,14 @@ while [ "$#" -gt 0 ]; do
      shift
      CMD_TO_EXEC="$1"
      ;;
+    --user=*)
+      EXEC_USER="${1#*=}"
+      ;;
+    --user)
+      if [ "$#" -lt 2 ]; then missing_value '--user'; fi
+      shift
+      EXEC_USER="$1"
+      ;;
    --help)
      print_usage
      exit 0
@@ -180,7 +190,11 @@ fi
 docker_api_base="http://localhost/${DOCKER_API_VERSION}"
 exec_create_endpoint="${docker_api_base}/containers/${CONTAINER_NAME}/exec"

-log "executing command in container '$CONTAINER_NAME': $CMD_TO_EXEC"
+if [ -n "$EXEC_USER" ]; then
+  log "executing command in container '$CONTAINER_NAME' as '$EXEC_USER': $CMD_TO_EXEC"
+else
+  log "executing command in container '$CONTAINER_NAME': $CMD_TO_EXEC"
+fi

 exec_id=$(docker_exec_create "command" "$CMD_TO_EXEC")
 if [ -z "$exec_id" ]; then
@@ -203,4 +217,4 @@ else
  # 将错误输出打印到 stderr
  echo "$output" >&2
  exit "$exit_code"
-fi
+fi