You can’t add a yum command in a compose file. I mean you could, but you shouldn’t and wouldn’t really make sense and it would definitely not be more secure then installing it in the image and using the image to create a container that already contains everything.
Can you explain why your manager doesn’t want you to install the requirements by using a Dockerfile?
Unless you host has the same exact OS as your container, the folders could be dfferent. You can run a container on your machine, install the requirements and run the following command in another terminal:
docker container diff CONTAINER_NAME
Replace CONTAINER_NAME with the actual container name. That will show you what changed on the filesystem of the container. You can copy out the created files using docker cp and use that to mount into another container. I would still prefer to use a Dockerfile. You manager may have a good reason to forbid it, but I am not sure what.
Is your manager aware of what Dockerfiles are used for? If yum install is in the Dockerfile, it will be executed during image build. It is quite the opposite: when it’s used in the Dockerfile, it does not happen every time a deployment is made. Unless of course someone wrote the command into the entry point script.
Using volumes for config and persistent data is fine, but using volumes to inject binaries/libraries in a container pretty much breaks the aspect “self contained”.
I would rather try to convince a manager than force to do anything.
AS @meyay pointed out, instructions in a Dockerfile would not run every time if you use it properly. If the yum command is in a separate layer before the rest of the instructions, Docker could use the build cache which lets you use the same Dockerfile multiple times and update run instructions only which would actually change the image. Unless your base image changes (for example new centos 9 image is released) yum would not run again. If all of your images has the same base layers, you could also create a base image, store it in a private registry and that way make sure that yum is not running even if you can’t use the build cache for some reason.,
Adding the “yum install -y dejavu-sans-fonts fontconfig” command in the docker-compose.yml file can be achieved by using the command option within the desired service in your YAML file. By including this command, you can install the necessary fonts before running any subsequent commands within the container.
However, it’s important to note that the font installation process relies on the base image used in your Dockerfile. If the base image doesn’t have the necessary repositories or package managers, you might need to modify the Dockerfile accordingly or explore alternative approaches.
Additionally, be aware that modifying the docker-compose.yml file to include font installation may have implications on portability and reproducibility. It’s recommended to discuss and align with your team and manager on the best approach to address the font requirements while maintaining containerization best practices.