From dada5446976de937b0faf242f7aae48fe9f2f366 Mon Sep 17 00:00:00 2001
From: Josh Wolf
Date: Tue, 8 Oct 2024 13:44:33 -0400
Subject: [PATCH] use dind instead of dood
---
 internal/docker/docker.go | 2 ++
 internal/harness/docker/docker.go | 49 ++++++++++++++++---------------
 internal/harness/docker/opts.go | 20 ++++++-------
 3 files changed, 38 insertions(+), 33 deletions(-)
diff --git a/internal/docker/docker.go b/internal/docker/docker.go
index 5b9a3d0..bba9200 100644
--- a/internal/docker/docker.go
+++ b/internal/docker/docker.go
@@ -51,6 +51,7 @@ type Request struct {
 Contents []*Content
 PortBindings nat.PortMap
 ExtraHosts []string
+ Volumes map[string]struct{}
 }
 type ResourcesRequest struct {
@@ -137,6 +138,7 @@ func (d *Client) Start(ctx context.Context, req *Request) (*Response, error) {
 Labels: d.withDefaultLabels(req.Labels),
 Healthcheck: req.HealthCheck,
 ExposedPorts: exposedPorts,
+ Volumes: req.Volumes,
 },
 &container.HostConfig{
 ExtraHosts: req.ExtraHosts,
diff --git a/internal/harness/docker/docker.go b/internal/harness/docker/docker.go
index af49136..02b7ef5 100644
--- a/internal/harness/docker/docker.go
+++ b/internal/harness/docker/docker.go
@@ -5,19 +5,21 @@ import (
 "encoding/base64"
 "encoding/json"
 "fmt"
+ "time"
 client "github.com/chainguard-dev/terraform-provider-imagetest/internal/docker"
 "github.com/chainguard-dev/terraform-provider-imagetest/internal/harness"
 "github.com/docker/docker/api/types/mount"
 "github.com/google/go-containerregistry/pkg/name"
+ v1 "github.com/moby/docker-image-spec/specs-go/v1"
 "k8s.io/apimachinery/pkg/api/resource"
 )
-var _ harness.Harness = &docker{}
+var _ harness.Harness = &dind{}
 const DefaultDockerSocketPath = "/var/run/docker.sock"
-type docker struct {
+type dind struct {
 Name string
 ImageRef name.Reference
 Networks []client.NetworkAttachment
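Review bot: The new `Volumes` field on `Request` (internal/docker/docker.go) has no comment saying what its keys mean or who cleans the volumes up, and `Start` forwards it unchanged into the container config in the second hunk. I would add `// Volumes lists container paths to back with anonymous volumes; they persist after the container is removed unless volume removal is requested.` above the field. Whether the teardown path removes containers together with their anonymous volumes is not visible in this diff; if it does not, every harness run leaves a volume behind (for the dind harness, the inner daemon's `/var/lib/docker`), so that is worth confirming. The struct and `Start` both continue outside their hunks.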
@@ -32,8 +34,8 @@ type docker struct {
 }
 func New(opts ...Option) (harness.Harness, error) {
- h := &docker{
- ImageRef: name.MustParseReference("cgr.dev/chainguard/docker-cli:latest-dev"),
+ h := &dind{
+ ImageRef: name.MustParseReference("docker:dind"), // NOTE: This will basically always be overridden by the bundled image
 Resources: client.ResourcesRequest{
 MemoryRequest: resource.MustParse("1Gi"),
 MemoryLimit: resource.MustParse("2Gi"),
@@ -54,13 +56,15 @@ func New(opts ...Option) (harness.Harness, error) {
 }
 // Create implements harness.Harness.
-func (h *docker) Create(ctx context.Context) error {
+func (h *dind) Create(ctx context.Context) error {
 cli, err := client.New()
 if err != nil {
 return err
 }
- nw, err := cli.CreateNetwork(ctx, &client.NetworkRequest{})
+ nw, err := cli.CreateNetwork(ctx, &client.NetworkRequest{
+ Name: h.Name,
+ })
 if err != nil {
 return fmt.Errorf("creating network: %w", err)
 }
@@ -76,15 +80,9 @@ func (h *docker) Create(ctx context.Context) error {
 return fmt.Errorf("creating docker config json: %w", err)
 }
- mounts := append(h.Mounts, mount.Mount{
- Type: mount.TypeBind,
- Source: "/var/run/docker.sock",
- Target: "/var/run/docker.sock",
- })
-
 if len(h.Volumes) > 0 {
 for _, vol := range h.Volumes {
- mounts = append(mounts, mount.Mount{
+ h.Mounts = append(h.Mounts, mount.Mount{
 Type: mount.TypeVolume,
 Source: vol.Name, // mount.Mount refers to "Source" as the name for a named volume
 Target: vol.Target,
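Review bot: In `New`, the fallback `name.MustParseReference("docker:dind")` is a mutable tag on a public registry, and later in this commit that image is started with `Privileged: true` as user `0:0`. The inline comment says the value is normally overridden, but if an override is ever missing the harness pulls and runs whatever the tag points to at that moment with full privileges. Pinning the fallback by digest (`docker:dind@sha256:<digest>`, placeholder) or returning an error from `New` when no image was supplied would make that case explicit. `New` continues outside the hunk, so an existing check there cannot be ruled out.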
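Review bot: In `Create`, the volume loop now appends to `h.Mounts` instead of a local slice, so the harness's own configuration is mutated as a side effect of starting it. A second `Create` on the same value (a retry, for instance) would append every volume mount again and hand duplicate targets to the daemon. Keeping a local copy avoids that: `mounts := append([]mount.Mount(nil), h.Mounts...)`, then `mounts = append(mounts, mount.Mount{` in the loop and `Mounts: mounts,` in the request. The loop and the function body run past the end of this hunk.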
@@ -95,12 +93,13 @@ func (h *docker) Create(ctx context.Context) error {
 resp, err := cli.Start(ctx, &client.Request{
 Name: h.Name,
 Ref: h.ImageRef,
- Entrypoint: harness.DefaultEntrypoint(),
- Cmd: harness.DefaultCmd(),
+ Entrypoint: []string{"/usr/bin/dockerd-entrypoint.sh"},
+ Privileged: true,
+ Cmd: []string{},
 Networks: h.Networks,
 Resources: h.Resources,
 User: "0:0",
- Mounts: mounts,
+ Mounts: h.Mounts,
 Env: h.Envs,
 Contents: []*client.Content{
 client.NewContentFromString(string(dockerconfigjson), "/root/.docker/config.json"),
@@ -108,6 +107,15 @@ func (h *docker) Create(ctx context.Context) error {
 ExtraHosts: []string{
 "host.docker.internal:host-gateway",
 },
+ HealthCheck: &v1.HealthcheckConfig{
+ Test: []string{"CMD", "/bin/sh", "-c", "docker info"},
+ Interval: 1 * time.Second,
+ Retries: 30,
+ Timeout: 1 * time.Minute,
+ },
+ Volumes: map[string]struct{}{
+ "/var/lib/docker": {},
+ },
 })
 if err != nil {
 return fmt.Errorf("starting container: %w", err)
@@ -127,16 +135,11 @@ func (h *docker) Create(ctx context.Context) error {
 }
 // Run implements harness.Harness.
-func (h *docker) Run(ctx context.Context, cmd harness.Command) error {
+func (h *dind) Run(ctx context.Context, cmd harness.Command) error {
 return h.runner(ctx, cmd)
 }
-func (h *docker) DebugLogCommand() string {
- // TODO implement something here
- return ""
-}
-
-func (h *docker) Destroy(ctx context.Context) error {
+func (h *dind) Destroy(ctx context.Context) error {
 return h.stack.Teardown(ctx)
 }
diff --git a/internal/harness/docker/opts.go b/internal/harness/docker/opts.go
index a6c2f94..1c010c3 100644
--- a/internal/harness/docker/opts.go
+++ b/internal/harness/docker/opts.go
@@ -9,7 +9,7 @@ import (
 "github.com/google/go-containerregistry/pkg/name"
 )
-type Option func(*docker) error
+type Option func(*dind) error
 type VolumeConfig struct {
 Name string
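Review bot: The `cli.Start` request in `Create` now sets `Privileged: true` together with `User: "0:0"`, and nothing in the code says why or what that implies for callers. A privileged container holds every capability and has host device access, so whatever runs inside this harness has to be trusted to the same degree as the host's Docker daemon; a comment such as `// dockerd needs a privileged container; workloads run in this harness are not isolated from the host` would record that. Separately, `Entrypoint` is hard-coded to `/usr/bin/dockerd-entrypoint.sh` while the image stays replaceable through `WithImageRef`, so an image that installs the script elsewhere fails at start; as far as I know the upstream `docker:dind` default keeps it under `/usr/local/bin`, which is worth checking. The request literal continues past the end of this hunk.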
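Review bot: The added `HealthCheck` gives each `docker info` probe a `Timeout` of one minute while `Interval` is one second and `Retries` is 30, so a daemon that hangs rather than fails can take on the order of thirty minutes to be reported unhealthy. If `Start` waits on container health (not visible here), a broken dind image stalls the run for that long. A probe timeout of a few seconds, e.g. `Timeout: 5 * time.Second,`, keeps the same retry budget but bounds the wait, and `StartPeriod` is available if dockerd needs a grace period before probes count.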
@@ -34,21 +34,21 @@ type RegistryTlsConfig struct {
 }
 func WithName(name string) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 opt.Name = name
 return nil
 }
 }
 func WithImageRef(ref name.Reference) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 opt.ImageRef = ref
 return nil
 }
 }
 func WithMounts(mounts ...mount.Mount) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 if mounts != nil {
 opt.Mounts = append(opt.Mounts, mounts...)
 }
@@ -57,14 +57,14 @@ func WithMounts(mounts ...mount.Mount) Option {
 }
 func WithNetworks(networks ...client.NetworkAttachment) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 opt.Networks = append(opt.Networks, networks...)
 return nil
 }
 }
 func WithAuthFromStatic(registry, username, password, auth string) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 if opt.Registries == nil {
 opt.Registries = make(map[string]*RegistryConfig)
 }
@@ -83,7 +83,7 @@ func WithAuthFromStatic(registry, username, password, auth string) Option {
 }
 func WithAuthFromKeychain(registry string) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 if opt.Registries == nil {
 opt.Registries = make(map[string]*RegistryConfig)
 }
@@ -117,7 +117,7 @@ func WithAuthFromKeychain(registry string) Option {
 }
 func WithEnvs(env ...string) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 if opt.Envs == nil {
 opt.Envs = make([]string, 0)
 }
@@ -127,14 +127,14 @@ func WithEnvs(env ...string) Option {
 }
 }
 func WithResources(req client.ResourcesRequest) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 opt.Resources = req
 return nil
 }
 }
 func WithVolumes(volumes ...VolumeConfig) Option {
- return func(opt *docker) error {
+ return func(opt *dind) error {
 if volumes == nil {
 return nil
 }