From b0c1cab95abd1464dce8cbd5d6cc25a268cebc57 Mon Sep 17 00:00:00 2001
From: thomasabishop <thomasabishop@tuta.com>
Date: Thu, 8 Jan 2026 19:45:38 +0000
Subject: [PATCH] docker compose entrypoint

---
 zk/Docker_Compose_entrypoint.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 zk/Docker_Compose_entrypoint.md

diff --git a/zk/Docker_Compose_entrypoint.md b/zk/Docker_Compose_entrypoint.md
new file mode 100644
index 0000000..4359b68
--- /dev/null
+++ b/zk/Docker_Compose_entrypoint.md
@@ -0,0 +1,30 @@
+---
+tags:
+  - docker
+---
+
+The `entrypoint` key in a Docker compose file is useful for running any advanced
+scripts before the the main `cmd` is executed.
+
+```sh
+app:
+ image: python:3.11-slim
+ entrypoint: ["./entrypoint.sh"]
+ command: ["python", "src/app.py"]
+```
+
+I used it recently to inject a `.pem` certificate into the container before the
+main execution.
+
+The script must conclude with `exec "$@"` because it receives the value of the
+`command` key in the Compose file as its argument. E.g.
+
+```sh
+cat /etc/ssl/certs/ca-certificates.crt /zscaler.pem > /tmp/combined-certs.pem
+export REQUESTS_CA_BUNDLE=/tmp/combined-certs.pem
+export SSL_CERT_FILE=/tmp/combined-certs.pem
+
+pip install -r requirements.txt
+
+exec "$@"
+```