From 5e59e0e697b08882e157c9cecd35107da6d22ebc Mon Sep 17 00:00:00 2001 From: farthinder Date: Wed, 20 Sep 2023 12:02:56 +0200 Subject: [PATCH] DoodContainer.groovy (#28) * Added changeDockerSockOwner() GroovyDoodContainer.groovy * New container intended to be used when groovy needs access to docker engine UbuntuContainer.groovy * A new basic ubuntu container Container.groovy * Improved documentation * Added createSleepyContainer() pom.xml * Bumped to 2.3.8 * Bumped docker-client 2023-05-07T23-22-00 -> 2023-08-16T08-25-00 * Tweaked maven-shade to work better both as standalone as "normal" --- pom.xml | 56 ++++++++----------- .../devstack/container/Container.groovy | 15 +++++ .../container/impl/AlpineContainer.groovy | 8 +-- .../container/impl/DoodContainer.groovy | 22 +++++++- .../container/impl/GroovyDoodContainer.groovy | 18 ++++++ .../container/impl/UbuntuContainer.groovy | 15 +++++ 6 files changed, 94 insertions(+), 40 deletions(-) create mode 100644 src/main/groovy/com/eficode/devstack/container/impl/GroovyDoodContainer.groovy create mode 100644 src/main/groovy/com/eficode/devstack/container/impl/UbuntuContainer.groovy diff --git a/pom.xml b/pom.xml index 24677d2..3ed7b1a 100644 --- a/pom.xml +++ b/pom.xml @@ -6,13 +6,22 @@ com.eficode devstack - 2.3.7-SNAPSHOT + 2.3.8-SNAPSHOT jar DevStack A series of scripts for setting up common developer application suites + + 11 + 11 + 3.0 + [3.0,4.0) + 2.4-M1-groovy-${groovy.major.version} + 2.0.3-SNAPSHOT-groovy-3.0 + 0.0.3-SNAPSHOT-groovy-3.0 + @@ -95,12 +104,14 @@ + de.gesellix docker-client - 2023-05-07T23-22-00 + 2023-08-16T08-25-00 + org.apache.maven.plugins maven-shade-plugin - 3.4.1 + 3.5.0 package @@ -175,6 +186,7 @@ META-INF/*.SF META-INF/*.DSA META-INF/*.RSA + META-INF/*.MF @@ -184,14 +196,10 @@ org.codehaus.groovy:* - com.google.code.gson:gson org.apache.httpcomponents - - com.kohlschutter.junixsocket:junixsocket-core - 
@@ -200,12 +208,20 @@ com.eficode.atlassian com.eficode.shaded.atlassian + + okio + com.eficode.shaded.okio + + + okhttp3 + com.eficode.shaded.okhttp3 + - true + false true @@ -265,28 +281,4 @@ - - - - groovy-3 - - true - - - 11 - 11 - 3.0 - [3.0,4.0) - 2.4-M1-groovy-${groovy.major.version} - 2.0.3-SNAPSHOT-groovy-3.0 - 0.0.3-SNAPSHOT-groovy-3.0 - - - - - - - - - \ No newline at end of file diff --git a/src/main/groovy/com/eficode/devstack/container/Container.groovy b/src/main/groovy/com/eficode/devstack/container/Container.groovy index 51ac96f..f684c33 100644 --- a/src/main/groovy/com/eficode/devstack/container/Container.groovy +++ b/src/main/groovy/com/eficode/devstack/container/Container.groovy @@ -55,6 +55,12 @@ trait Container { ArrayList mounts = [] + /** + * Prior to create a container, prepare mount-points + * @param sourceAbs The source directory in the docker engine + * @param target The target directory inside the container + * @param readOnly + */ void prepareBindMount(String sourceAbs, String target, boolean readOnly = true) { Mount newMount = new Mount().tap { m -> @@ -137,6 +143,15 @@ trait Container { } + /** + * Will create a Container that will sleep indefinitely, ie wont shut of once entrypoint has finished executing + * @return container id + */ + String createSleepyContainer() { + return createContainer([], ["tail", "-f", "/dev/null"]) + } + + boolean runOnFirstStartup() { return true } diff --git a/src/main/groovy/com/eficode/devstack/container/impl/AlpineContainer.groovy b/src/main/groovy/com/eficode/devstack/container/impl/AlpineContainer.groovy index 72db03a..3d73e11 100644 --- a/src/main/groovy/com/eficode/devstack/container/impl/AlpineContainer.groovy +++ b/src/main/groovy/com/eficode/devstack/container/impl/AlpineContainer.groovy 
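Review bot: The new Javadoc on `prepareBindMount` leaves `@param readOnly` without a description, although that flag decides whether the container may write to the directory on the docker engine side. I would write it as `* @param readOnly true (default) mounts the source read-only, false lets the container write to it`, and change the first line to `Prior to creating a container, prepare mount-points`. The method body continues outside the hunk.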
@@ -25,13 +25,7 @@ class AlpineContainer implements Container { } } - /** - * Will create an Alpine Container that will sleep indefinitely - * @return - */ - String createSleepyContainer() { - return createContainer([], ["tail", "-f", "/dev/null"]) - } + diff --git a/src/main/groovy/com/eficode/devstack/container/impl/DoodContainer.groovy b/src/main/groovy/com/eficode/devstack/container/impl/DoodContainer.groovy index de26c19..482e642 100644 --- a/src/main/groovy/com/eficode/devstack/container/impl/DoodContainer.groovy +++ b/src/main/groovy/com/eficode/devstack/container/impl/DoodContainer.groovy @@ -23,7 +23,7 @@ class DoodContainer implements Container { if (dockerHost && dockerCertPath) { assert setupSecureRemoteConnection(dockerHost, dockerCertPath): "Error setting up secure remote docker connection" } - prepareBindMount("/var/run/docker.sock", "/var/run/docker.sock") + prepareBindMount("/var/run/docker.sock", "/var/run/docker.sock", false) } @Override @@ -57,6 +57,26 @@ class DoodContainer implements Container { return runAfterDockerSetup() } + /** + * Changes the owner of /var/run/docker.sock, intended to give low privileged container users access to the docker engine + * @param user defaults to the container images default user + * @return true on success + */ + boolean changeDockerSockOwner(String user = "") { + if (user == "") { + user = runBashCommandInContainer("whoami").find {true} + } + + ArrayList cmdOutput = runBashCommandInContainer("chown $user:$user /var/run/docker.sock && echo Status:\$?", 30, "root") + assert cmdOutput.last() == "Status:0" : "Error changing docker socket owner to $user" + + cmdOutput = runBashCommandInContainer("docker info | grep ID:", 10, user) + assert cmdOutput.any {it.contains(dockerClient.info().content.getID() )} : "Error accessing docker socket as $user" + + return true + + } + /** * This is run once after the docker client has been installed and verified that it can talk with parent docker node * @return true on success 
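Review bot: The bare `false` on the `prepareBindMount` call makes the docker socket mount read-write for every DoodContainer, and nothing at the call site says why. It appears to be needed only so that `changeDockerSockOwner()` can chown the socket, which only GroovyDoodContainer calls in this patch. I would add a comment above it such as `// read-write: changeDockerSockOwner() must be able to chown the socket, which is the same file the docker engine host uses`. The constructor starts outside this hunk.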
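Review bot: `changeDockerSockOwner` interpolates `user` straight into the bash string `chown $user:$user /var/run/docker.sock`, which runs as root, so a value with shell metacharacters, or the `null` that `find {true}` yields when `whoami` prints nothing, ends up in a root shell command. A guard before the chown would close that, for example `assert user ==~ /[a-z_][a-z0-9_-]*/ : "Invalid user name: $user"`. Because /var/run/docker.sock is bind-mounted, the chown presumably changes the ownership of the engine host's socket as well; the Javadoc should say so and state that the chosen user thereby gets full control of the docker engine. `$user:$user` also assumes the image has a group named after the user.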
diff --git a/src/main/groovy/com/eficode/devstack/container/impl/GroovyDoodContainer.groovy b/src/main/groovy/com/eficode/devstack/container/impl/GroovyDoodContainer.groovy
new file mode 100644
index 0000000..d9fda04
--- /dev/null
+++ b/src/main/groovy/com/eficode/devstack/container/impl/GroovyDoodContainer.groovy
@@ -0,0 +1,18 @@
+package com.eficode.devstack.container.impl
+
+class GroovyDoodContainer extends DoodContainer{
+
+ String containerName = "GroovyDood"
+ String containerMainPort = ""
+ String containerImage = "groovy"
+ String containerImageTag = "jdk11-jammy"
+
+
+
+ @Override
+ boolean runAfterDockerSetup() {
+ return changeDockerSockOwner()
+ }
+
+}
+
diff --git a/src/main/groovy/com/eficode/devstack/container/impl/UbuntuContainer.groovy b/src/main/groovy/com/eficode/devstack/container/impl/UbuntuContainer.groovy
new file mode 100644
index 0000000..e25f000
--- /dev/null
+++ b/src/main/groovy/com/eficode/devstack/container/impl/UbuntuContainer.groovy
@@ -0,0 +1,15 @@
+package com.eficode.devstack.container.impl
+
+class UbuntuContainer extends AlpineContainer{
+
+ String containerName = "Ubuntu"
+ String containerImage = "ubuntu"
+ String defaultShell = "/bin/bash"
+
+
+ UbuntuContainer(String dockerHost = "", String dockerCertPath = "") {
+ if (dockerHost && dockerCertPath) {
+ assert setupSecureRemoteConnection(dockerHost, dockerCertPath): "Error setting up secure remote docker connection"
+ }
+ }
+}
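Review bot: GroovyDoodContainer has no class documentation, and its `runAfterDockerSetup()` hands ownership of the docker socket to the image's default user without saying so. Anything executed in this container as that user can then drive the parent docker engine, which whoever picks this class needs to know. I would add a class Javadoc along the lines of `/** Groovy container with docker engine access: the image's default user is made owner of /var/run/docker.sock, so run only trusted scripts in it */`. `containerImageTag = "jdk11-jammy"` is a moving tag, so a more specific tag would keep the image that receives this access reproducible.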
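Review bot: UbuntuContainer sets `containerImage` but not `containerImageTag`, so it inherits whatever tag AlpineContainer or the Container trait declares, which is not visible in this patch. Please confirm that the inherited tag exists for the `ubuntu` image and is the intended release, or set it explicitly in the class with `String containerImageTag = "<pinned ubuntu tag>"`. A one-line class Javadoc stating that this is a plain Ubuntu container using `/bin/bash` as its shell would match the documentation added elsewhere in this commit.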