#!/bin/sh
# Run the my_ocrd_workflow container on the current workspace

set -e  # Abort on error

DOCKER_IMAGE=${DOCKER_IMAGE:-my_ocrd_workflow:latest}  # default to locally built

if echo "$DOCKER_IMAGE" | grep -q "/"; then
  docker pull "$DOCKER_IMAGE"
fi


# XXX Work around podman vs docker uid behaviour
if docker -v 2>&1 | grep -q podman; then
  user="0:0"
else
  user="`id -u`:`id -g`"
fi


# The container currently needs to run privileged to allow it to read from e.g.
# /home on SELinux secured systems such as Fedora. We might want to use udica
# instead in the future.

docker run --privileged=true --rm -t \
  \
  --user $user \
  --mount type=bind,src="$(pwd)",target=/data \
  \
  -e LOG_LEVEL=$LOG_LEVEL \
  $DOCKER_IMAGE "$@"