docker
`-env VAR` overwrites the samely named var in Docker container if it's not set in host environment
Description
The docs state:
If no = is provided and that variable is not exported in your local environment, the variable won’t be set in the container.
But, when I pass an ENV variable which is not exported in my local environment to a container (docker run -e VAR) which has defined such a var by using ENV Dockerfile instruction, the variable gets overwritten with an empty value inside the container.
Steps to reproduce the issue:
I have a Dockerfile with:
FROM alpine:latest
ARG MY_VAR
ENV MY_VAR ${MY_VAR:-default}
ENTRYPOINT []
Then, I build it like:
docker build --build-arg MY_VAR=custom -t my-image .
Next, I run the container:
$ docker run -it my-image sh
/ $ echo $MY_VAR
custom
/ $
Everything works as expected until I pass an ENV var which is not exported into my host environment - the var actually gets set in the container, with an empty value.
Describe the results you received:
$ docker run -it -e MY_VAR my-image sh
/ $ echo $MY_VAR
/ $
Describe the results you expected:
$ docker run -it -e MY_VAR my-image sh
/ $ echo $MY_VAR
custom
/ $
Additional information you deem important (e.g. issue happens only occasionally):
I believe this behavior could be because of this line of code in CLI, specifically this call: opts.ConvertKVStringsToMapWithNil(copts.env.GetAll()).
Output of docker version:
Client: Docker Engine - Community
Version: 18.09.2
API version: 1.39
Go version: go1.10.8
Git commit: 6247962
Built: Sun Feb 10 04:12:39 2019
OS/Arch: darwin/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.2
API version: 1.39 (minimum version 1.12)
Go version: go1.10.6
Git commit: 6247962
Built: Sun Feb 10 04:13:06 2019
OS/Arch: linux/amd64
Experimental: true
Output of docker info:
Containers: 10
Running: 2
Paused: 0
Stopped: 8
Images: 48
Server Version: 18.09.2
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9754871865f7fe2f4e74d43e2fc7ccd237edcbce
runc version: 09c8266bf2fcf9519a651b04ae54c967b9ab86ec
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.125-linuxkit
Operating System: Docker for Mac
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 1.952GiB
Name: linuxkit-025000000001
ID: ZD74:JC3O:ANF3:FR6Q:DWDR:2XM5:C52E:UCO7:WWHZ:QPXA:ZVE2:CSTE
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 38
Goroutines: 61
System Time: 2019-03-27T20:43:47.4933493Z
EventsListeners: 2
HTTP Proxy: gateway.docker.internal:3128
HTTPS Proxy: gateway.docker.internal:3129
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
172.16.1.1:5000
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
Additional environment details (AWS, VirtualBox, physical, etc.):
uname -a:
uname -a
Darwin ephemeral.local 18.2.0 Darwin Kernel Version 18.2.0: Mon Nov 12 20:24:46 PST 2018; root:xnu-4903.231.4~2/RELEASE_X86_64 x86_64 i386 MacBookPro11,4 Darwin
Looks to be still the case (tried on docker 28.1.1);
echo -e 'FROM alpine:latest\nARG MY_VAR\nENV MY_VAR=${MY_VAR:-default}\n' | docker build --build-arg MY_VAR=custom -t my-image -
docker run --rm my-image printenv MY_VAR
custom
docker run --rm -e MY_VAR my-image printenv MY_VAR
# empty
MY_VAR=override docker run --rm -e MY_VAR my-image printenv MY_VAR
override
I'd have to dig back history though to check if this was possibly intentional (being able to unset the env-var in this case).
