Support for socket activation

[basil]

What feature do you want to see added?

Steps to reproduce

Install Jenkins 2.335 or later, then create /etc/systemd/system/jenkins.service.d/override.conf with

[Service]
Environment="JENKINS_PORT=80"
StandardInput=socket

but not AmbientCapabilities=CAP_NET_BIND_SERVICE. Also create the corresponding socket in /etc/systemd/system/jenkins.socket with

[Unit]
Description=Jenkins socket

[Socket]
ListenStream=80
Accept=false
NoDelay=true

[Install]
WantedBy=jenkins.target

Run systemctl daemon-reload, then stop Jenkins with systemctl stop jenkins.service and start the socket with systemctl start jenkins.socket. Confirm that Java is not running, then visit http://127.0.0.1 in your web browser.

Expected results

systemd should start jenkins.service, after which Java should be listening on port 80 and the browser's request should be satisfied, even though the service does not have the CAP_NET_BIND_SERVICE capability.

Actual results

The service does not consume the socket provided by systemd and cannot be reached on port 80.

Evaluation

Jetty supports this use case via ServerConnector#setInheritChannel(boolean), which delegates to System#inheritedChannel; however, Winstone provides no way to enable this Jetty functionality. If Winstone provided a command-line interface (CLI) to enable this functionality, plumbing through the user's choice to ServerConnector (e.g. in winstone.ServerConnectorBuilder), this use case could be supported.

Upstream changes

JETTY-496

[olamy]

sounds like a nice feature (flag) to add.