When running job in container, are CMD or ENTRYPOINT executed?

When i run a job using “container: xxx/yyy:tag” will either CMD or ENTRYPOINT be executed? And will they have access to the “env:” defined for the job? E.g.

env:
      NUGET_USER: ${{ secrets.NUGET_USER }}
      NUGET_PASS: ${{ secrets.NUGET_PASS }}

My scenario:

I run my jobs in a container to ensure that the test environment is completely well defined. The container contains an ENTRYPOINT that sets up a package source when executed based on secrets retrieved from environment variables ( i do not want those secrets in the container itself as it is public ). It seems that ENTRYPOINT is not executed. I figure maybe CMD might work, but i would like to understand if i can even access the environment variables.

Right now as a work around i have a startup.sh in my container that i execute in the job, but it adds one more line to every job.

Hi @petertiedemann ,

According to the syntax of container, there’s no CMD or entrypoint settings, only in the ‘jobs.<job_id>.container.options’ , it’s possible to overwrite the default ENTRYPOINT of the image with “–entrypoint”.

And during the initialization, container doesn’t have access to the “env” variables which defined in the job. 

The env variables can be accessed in the job steps.

Thanks

Thank you, so sounds like i will have to stick with running my startup.sh manually.