Copying files with execute permissions in Docker Image

The default file permission is whatever the file permission is in your build context from where you copy the file. If you control the source, then it's best to fix the permissions there to avoid a copy-on-write operation. Otherwise, if you cannot guarantee the system building the image will have the execute bit set on the files, a chmod after the copy operation will fix the permission. E.g.

RUN chmod +x entrypoint.sh

You do not need to know who will run the container. The user inside the container is typically configured by the image creator (using USER) and doesn't depend on the user running the container from the docker host. When the user runs the container, they send a request to the docker API which does not track the calling user id.

The only time I've seen the host user matter is if you have a host volume and want to avoid permission issues. If that's your scenario, I often start the entrypoint as root, run a script called fix-perms to align the container uid with the host volume uid, and then run gosu to switch from root back to the container user.

A --chmod flag was added to ADD and COPY instructions in Docker CE 20.10. So you can now do.

COPY --chmod=0755 entrypoint.sh .

To be able to use it you need to enable BuildKit.

# enable buildkit for dockerDOCKER_BUILDKIT=1# enable buildkit for docker-composeCOMPOSE_DOCKER_CLI_BUILD=1

Note: It seems to not be documented at this time, see this issue.